Set use and delete the Cookie solution in PHP

  • 2020-06-01 08:58:51
  • OfStack

1. Set Cookie

PHP USES the SetCookie function to set Cookie. One thing to note: Cookie is part 1 of the HTTP protocol header for passing information between the browser and the server, so you must call the Cookie function before any content that belongs to the HTML file itself is output.

The SetCookie function defines an Cookie and appends it to the HTTP header. The prototype of the SetCookie function is as follows:

int SetCookie(string name, string value, int expire, string path, string domain, int secure);

All parameters except name are optional. The three parameters of value,path and domain can be replaced with empty strings, indicating that there is no setting; The parameters expire and secure are numeric and can be represented by 0. The expire parameter is a standard Unix time marker, which can be obtained in seconds using the time() or mktime() functions. The secure parameter indicates whether the Cookie is transmitted over the network via the encrypted HTTPS protocol. The current setting of Cookie does not take effect immediately, but it will not be seen until the next page. This is because Cookie is delivered from the server to the client's browser in the set page, and Cookie can be taken from the client's machine and sent back to the server in the next page. Setting Cookie on the same page actually goes backwards, so if you want to delete a new Cookie before inserting it, you must first write the insert statement and then the delete statement, otherwise you may get an unwanted result. Here are some examples:


SetCookie("MyCookie", "Value of MyCookie");

With time of failure:

SetCookie("WithExpire", "Expire in 1 hour", time()+3600); //3600 seconds =1 hour

Have it all:

SetCookie("FullCookie", "Full cookie value", time()+3600, "/forum", "", 1);

For example, if you use Cookie with no path, Cookie in one directory will not be visible in the other directory. In other words, Cookie is path-oriented. In fact, the WEB server will automatically pass the current path to the browser, even if no path is specified. Specifying the path forces the server to use the set path. The solution to this problem is to include the path and domain name when calling SetCookie, which can be in the form "" or " ". The part of the SetCookie function that represents value will be encode automatically when it is passed, that is, if the value of value is "test value", it will become "test%20value" when it is passed, just like URL method 1. Of course, this is transparent to the program, because PHP automatically sends decode when it receives the value Cookie.

If you want to set multiple Cookie with the same name, you can use an array by:

SetCookie("CookieArray[]", "Value 1");

SetCookie("CookieArray[]", "Value 2");


SetCookie("CookieArray[0]", "Value 1");

SetCookie("CookieArray[1]", "Value 2");

2. Receive and process Cookie

PHP has very good support for receiving and handling Cookie. It is completely automatic, just like principle 1 of FORM variable. It is very simple. For example, if an Cookie named MyCookier is set, PHP will automatically analyze it from the head of HTTP received by the WEB server, and form a variable similar to the ordinary variable 1, named $myCookie, whose value is the value of Cookie. The same goes for arrays.

Another option is to reference the PHP global variable $HTTP_COOKIE_VARS array.

Here are some examples :(assuming these were set in the previous page and are still valid)

echo $MyCookie;

echo $CookieArray[0];

echo count($CookieArray);

echo $HTTP_COOKIE_VARS["MyCookie"];

It's that simple.

3. Delete Cookie

There are two ways to delete an existing Cookie:

1 is to call SetCookie with only name parameter, then Cookie named name will be deleted from the relationship machine;

Another option is to set the expiration time of Cookie to time() or time()-1, so that the Cookie is removed after the page has been viewed. Note that when an Cookie is deleted, its value is still valid on the current page.

4. Limitations of using Cookie

First, it must be set before the content of the HTML file is output.

Second, different browsers do not handle Cookie properly, and sometimes there are incorrect results. For example, MS IE+SERVICE PACK 1 cannot properly handle Cookie with domain name and path, Netscape Communicator 4.05 and MS IE 3.0 cannot properly handle Cookie without path and time. As for MS IE 5, it does not seem to be able to handle Cookie with domain name, path and time. I found this when I was designing the pages of this site.

The third limitation is on the client side. The maximum number of Cookie that a browser can create is 30, and each cannot exceed 4KB, and the total number of Cookie that can be set per WEB site cannot exceed 20.

So much for Cookie.

Related articles: