Setting cookies in PHP

By: David Sklar  

You want to set a cookie.

Use setcookie()

setcookie('flavor','chocolate chip');

Cookies are sent with the HTTP headers, so setcookie( ) must be called before any output is generated.

You can pass additional arguments to setcookie() to control cookie behavior. The third argument to setcookie( ) is an expiration time, expressed as an epoch timestamp. For example, this cookie expires at noon GMT on December 3, 2004:

setcookie('flavor','chocolate chip',1102075200);

If the third argument to setcookie( ) is missing (or empty), the cookie expires when the browser is closed. Also, many systems can't handle a cookie expiration time greater than 2147483647, because that's the largest epoch timestamp that fits in a 32-bit integer.

The fourth argument to setcookie( ) is a path. The cookie is sent back to the server only when pages whose path begin with the specified string are requested. For example, the following cookie is sent back only to pages whose path begins with /products/:

setcookie('flavor','chocolate chip','','/products/');

The page that's setting this cookie doesn't have to have a URL that begins with /products/, but the following cookie is sent back only to pages that do.

The fifth argument to setcookie( ) is a domain. The cookie is sent back to the server only when pages whose hostname ends with the specified domain are requested. For example, the first cookie in the following code is sent back to all hosts in the domain, but the second cookie is sent only with requests to the host

setcookie('flavor','chocolate chip','','','');
setcookie('flavor','chocolate chip','','','');

If the first cookie's domain was just instead of, it would be sent only to the single host (and not or

The last optional argument to setcookie( ) is a flag that if set to 1, instructs the browser only to send the cookie over an SSL connection. This can be useful if the cookie contains sensitive information, but remember that the data in the cookie is stored in the clear on the user's computer.

Different browsers handle cookies in slightly different ways, especially with regard to how strictly they match path and domain strings and how they determine priority between different cookies of the same name. The setcookie( ) page of the online manual has helpful clarifications of these differences.

Most Viewed Articles (in PHP )

Parent: child process exited with status 3221225477 -- Restarting

Resume or Pause File Uploads in PHP

break out of an if() block in PHP

Exception in module wampmanager.exe at 000F15A0 in Windows 8

Running different websites on different versions of PHP in Windows 2003 & IIS6 platform

Installing PHP and MySQL in windows, mac and linux


PHP 5.1.4 INSTALLATION on Solaris 9 (Sparc)

Building PHP 5.x with Apache2 on SuSE Professional 9.1/9.2

Installing PHP 5.x with Apache 2.x on HP UX 11i and configuring PHP 5.x with Oracle 9i

Cannot load /usr/local/apache/libexec/ into server:

Setting up PHP in Windows 2003 Server IIS7, and WinXP 64

Function to sort array by elements and count of element in PHP

Malware: global $ob_starting;

Function to convert strings to strict booleans in PHP

Latest Articles (in PHP)

Comment on this tutorial