PHP cookies and sessions explanation with example
PHP cookies are small pieces of information, or small files with a maximum size of 4KB, which are stored in the client browser.
A cookie is basically used to recognize the user. Once a cookie has been set, all page requests that follow return the cookie name and value.
The cookie is created on the server side and saved in the client browser.
Therefore, every time the client sends a request to the server, the cookie is embedded in that request,
so the cookie can always be received on the server side.

Note: A PHP cookie must always be set before the `<html>` tag.
Why and when to use Cookies in PHP?
1. HTTP is a stateless protocol - cookies allow us to track the application using small files stored on the user’s desktop. The path (file location) where the cookies are stored depends on the browser.
For example, the Internet Explorer browser usually stores them in the Temporary Internet Files folder.
2. User experience – this is gained by allowing users to select their preferences.
The pages subsequently requested from the server are personalized based on the preferences set in the cookies.
We can also use cookies to track the pages visited by a user.
Setting a Cookie in PHP
In PHP, the setcookie() function is used to set a cookie.
Make sure you call setcookie() before the script generates any output; otherwise the cookie will not be set.
The basic syntax of this function is given below:
```php
setcookie(name, value, expire, path, domain, secure);
```
The meaning of the setcookie() function parameters is given in the table below:
| Parameter | Description |
|---|---|
| name | Defines the name of the cookie. |
| value | The cookie value. Do not store sensitive information in it, because this value is stored on the user’s computer. |
| expires | The expiry date in UNIX timestamp format. After this time the cookie becomes inaccessible. The default value is 0. |
| path | Specifies the path on the server where the cookie will be available. If set to /, the cookie is available within the entire domain. |
| domain | Specifies the domain for which the cookie is available, e.g. www.tutorialscan.com. |
| secure | If present, indicates that the cookie should be sent only if a secure HTTPS connection exists. |
Example
```php
<?php
// Setting the cookie
setcookie("username", "Sachin Shukla", time()+30*24*60*60);
?>
```
In the above example, we used the setcookie() function to create a cookie named username and assign the value Sachin Shukla to it.
As the example shows, the cookie will expire after 30 days (30 days * 24 hours * 60 min * 60 sec).
Accessing Cookies Values
The PHP $_COOKIE superglobal variable is used to retrieve a cookie value.
It is an associative array that contains all the cookie values sent by the browser in the current request, keyed by cookie name.
An individual cookie value can be accessed using standard array notation.
To display the username cookie set in the above example, use the following code.
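```php
<?php
// Accessing an individual cookie value.
// The value comes from the browser, so check it exists and escape it before output.
if (isset($_COOKIE["username"])) {
    echo htmlspecialchars($_COOKIE["username"], ENT_QUOTES, "UTF-8");
}
?>
```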
Finally, the above example produces the following output.
```
Aditya Shukla
```
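The following added example (not code from the original tutorial) sets and reads the username cookie with the Secure, HttpOnly and SameSite attributes, and signs the value with an HMAC so that the server can detect a value edited on the client. The COOKIE_KEY constant and both helper functions are hypothetical, and the options-array form of setcookie() assumes PHP 7.3 or later.

```php
<?php
// Added example: the key, helper names and values are constructed for illustration.
const COOKIE_KEY = 'replace-with-a-random-secret'; // assumption: loaded from server config

// Append an HMAC to the value. This detects tampering; it does not hide the value.
function sign_cookie_value(string $value): string
{
    return $value . '.' . hash_hmac('sha256', $value, COOKIE_KEY);
}

// Return the original value, or null if the cookie is missing, malformed or modified.
function verify_cookie_value($raw): ?string
{
    if (!is_string($raw)) {
        return null; // missing, or sent as an array (username[]=...)
    }
    $pos = strrpos($raw, '.');
    if ($pos === false) {
        return null;
    }
    $value = substr($raw, 0, $pos);
    $mac   = substr($raw, $pos + 1);
    // hash_equals() compares in constant time
    return hash_equals(hash_hmac('sha256', $value, COOKIE_KEY), $mac) ? $value : null;
}

// setcookie() only works before any output has been sent.
if (!headers_sent()) {
    setcookie('username', sign_cookie_value('Sachin Shukla'), [
        'expires'  => time() + 30 * 24 * 60 * 60,
        'path'     => '/',
        'secure'   => true,   // send over HTTPS only
        'httponly' => true,   // not readable from JavaScript
        'samesite' => 'Lax',  // not sent on cross-site subrequests
    ]);
}

// On a later request: trust the value only if the signature verifies.
$username = verify_cookie_value($_COOKIE['username'] ?? null);
if ($username !== null) {
    echo 'Welcome back, ' . htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
} else {
    echo 'Welcome, guest';
}
```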
What happens when a PHP cookie expires?
First of all, before the explanation, I will define a few terms.
In a web app, a “session cookie” is a special cookie with an expiration timestamp of 0.
Cookies may have a UNIX timestamp value for expiration, but 0 has a specific meaning: the session cookie does not expire until the browser is terminated.
The “session cookie” is alive for the browsing session; as a result, it does not expire during it.
The PHP session module always uses a cookie for session management, and session management cookies are session cookies by default, i.e. cookies with a 0 expiration timestamp.
Note: Runtime configuration.
```ini
; Lifetime in seconds of cookie or, if 0, until browser is restarted.
session.cookie_lifetime = 0
```
The PHP session management cookie may, however, have a specific expiration timestamp.
If session.cookie_lifetime has a nonzero value, the PHP session management cookie expires at a specific time.
The answer to this question:
The current PHP session module does not manage timestamps/expiration precisely.
It is recommended that the web app's own session manager manage session timestamps/expiration precisely.
Furthermore, the PHP session module's data for an expired PHP session cookie may remain on the server side until session data garbage collection runs.
This means that clients can access expired PHP session data with the expired PHP session ID.
Note: How long expired PHP session data is kept depends on the php.ini setup and the session save handler.
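One way for the application to enforce session expiration itself, as recommended above (an added example, not part of the original tutorial). The two limits, the created and last_seen session keys and the session_is_expired() helper are assumptions chosen for illustration; the cookie_samesite option assumes PHP 7.3 or later.

```php
<?php
// Added example: limits and session key names are assumptions, not PHP defaults.
const IDLE_LIMIT     = 15 * 60;     // seconds of inactivity allowed
const ABSOLUTE_LIMIT = 8 * 60 * 60; // maximum session age in seconds

// Decide from timestamps stored on the server whether the session has expired.
function session_is_expired(array $session, int $now): bool
{
    if (!isset($session['created'], $session['last_seen'])) {
        return false; // brand-new session, nothing to expire yet
    }
    return ($now - $session['last_seen'] > IDLE_LIMIT)
        || ($now - $session['created'] > ABSOLUTE_LIMIT);
}

$options = [
    'cookie_lifetime' => 0,     // session cookie, as in the php.ini note
    'cookie_httponly' => true,
    'cookie_secure'   => true,
    'cookie_samesite' => 'Lax',
    'use_strict_mode' => true,  // reject session IDs the server did not issue
];
session_start($options);

$now = time();
if (session_is_expired($_SESSION, $now)) {
    // Delete the data now instead of leaving it for garbage collection,
    // so the old session ID can no longer reach it.
    $_SESSION = [];
    session_destroy();
    session_start($options); // strict mode issues a fresh ID here
}

if (!isset($_SESSION['created'])) {
    $_SESSION['created'] = $now;
}
$_SESSION['last_seen'] = $now;
```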
Are sessions in PHP better than cookies?
As a PHP developer, you can use cookies and sessions for storing data across pages on your site.
However, there are differences between cookies and sessions that make each favorable in its own circumstances.
Sessions are stored on the server, which means that clients do not have access to the information you store about them.
Because session data is stored on your server, it does not need to be transmitted with each page; clients just need to send an ID and the data is loaded from the local file.
Many web browsers have a limit on how big cookies can be, to stop rogue web sites chewing up gigabytes of data with meaningless cookie information.
Sessions, by contrast, can be any size you want because they are held on your server.
Cookies can be set to a long lifespan, which means that the data stored in a cookie can be stored for months if not years. Cookies, having their data stored on the client side, work very smoothly when you have a cluster of web servers.
Sessions, on the other hand, are stored on the server; in other words, if one of your web servers handles the first request, the other web servers in your cluster will not have the stored information.