PHP Cookie

In this lesson, you will learn about cookies in PHP, their usage, and examples to better understand the topic.

What is PHP Cookie

When a user visits a webpage for the first time, the webpage sends data packets known as cookies to the user’s computer: the user’s computer stores a cookie, a temporary text file. A cookie can have a maximum file size of 4KB. The websites can maintain track of a user’s browsing history or shopping cart information with cookies. It exclusively keeps “String” data types.

Because this information is saved on the client-side in text format, which anybody can see, the data stored in cookies is not safe. Depending on the situation, we can enable or disable cookies. A user is the only one who can view the cookies they create; no other user can see them. With the aid of an HTTP header, cookies are generated and transferred between the server and the browser. The browser chooses the location for the cookies to be saved; typically, Internet Explorer saves them in the Temporal Internet File Folder.

Why does PHP use Cookies?

Since HTTP is a stateless protocol, no user data is stored by it. Cookies can be used for this. It allows us to follow the status of apps and store data on the user’s machine.

PHP Create Cookies

The setcookie() function creates a cookie.


setcookie(name, value, expiry, URL, domain, secure, httponly);

The only necessary parameter is the name. All additional criteria are optional.

PHP Obtaining Cookies

The “user” cookie in the example below is created with the value “Yahya” After 30 days (86400 * 30), the Cookie will be invalid. The “/” denotes that a cookie is accessible across the entire website (otherwise, select the directory you prefer). The value of the cookie “user” is then retrieved (using the global variable $_COOKIE). The isset() function is also used to determine whether the cookie is set. The following example develops a quick script that verifies whether cookies are enabled. Try using the setcookie() function to make a test cookie, then count the $_COOKIE array variable.


$nameofcookie = "user";
$valueofcookie = "Yahya";
setcookie($nameofcookie, $valueofcookie, time() + 43200 * 30, "/");

// 43200 = half day
//condition set the name and value of cookie
if (!isset($_COOKIE[$nameofcookie])) {
    echo "Cookie '" . $nameofcookie . "' not set!";
} else {
    echo "Cookie '" . $nameofcookie . "' set!<br>";
    echo "Value of cookie: " . $_COOKIE[$nameofcookie];
// Condition checks if the cookies are enabled or diabled
if (count($_COOKIE) > 0) {
    echo "enabled.";
} else {
    echo "disabled.";

PHP Session vs. PHP Cookies

PHP SessionPHP Cookies
A session stores all the information in a file within the server's temporary directory.A text file is used to store cookies on the user's computer.
A session is terminated when the user logs out of the application or closes his web browser.The user specified duration of cookies.
A session has unlimited data storage capacity.Cookies have limited storage capacity.
The maximum size that a script can use at one time is 128 MB. You can store as considerable data as you want during a session.The maximum size for a browser cookie is 4 KB.
To initiate a session, we must invoke the session start() function.As the cookie is stored on the local computer, we do not need to call a function to start it.
PHP's $_SESSION global variable is used to set session data.PHP's $_COOKIE global variable is utilized to retrieve cookie data.
In PHP, the session destroy() function can be used to destroy or remove data stored within a session, while the unset() function can be used to remove a specific variable.We can set a date for the cookie's data to be deleted. At that time, the information will be deleted automatically. There is no dedicated function to remove data.
Sessions are more secure than cookies because the data they store is encrypted.If unauthorized users gain access to our system, they can alter the cookie data.

This concludes the PHP Cookies lesson. In the next lesson, you will learn about File Handling in PHP.