Detailed explanation of cookie usage cases in PHP
This time I will bring you a detailed explanation of cookie usagecases in PHP, and what are thenotesfor using cookies in PHP. The following is a practical case, let’s take a look.
What is a cookie
Cookies, that is, small cookies, are some pieces of data stored on the user agent side (browsers are the most common user agents). When browsing the web, the browser will put the valid cookie of the current page in the header of the request and send it to the server.
Cookie composition
Cookie consists of the following parts:
domain, the domain name to which the cookie belongs. When the browser sends a cookie, it will check the domain name to which the cookie belongs and only send it if it matches. The browser will send the cookie under the tlanyan.me domain to the page request of www.tlanyan.me or dev.tlanyan.me, but will not send it to www.baidu.com. Similarly, the cookie of dev.tlanyan.me cannot be sent to tlanyan.me because the domain name is limited to the dev subdomain.
path, the path where the cookie belongs. Cookies set to /author will not be sent to the /category path, but cookies set to / will be sent to all page requests.
name, the name of the cookie (key name).
value, the value (content) of the cookie.
expires, expiration time.
secure, whether the cookie will only be sent when https.
httponly, whether it is only used for http transmission. When set to true, browser-side scripting language will not be able to access the cookie.
Uses of cookies
Cookies are mainly used in the following areas:
http is a stateless protocol, and additional data is required to mark the session in order to maintain it. , cookies are the most commonly used means. The two common types of cookies, PHPSESSID and JSESSIONID, are used to maintain sessions in PHP and Java web applications respectively.
Some data needs to be stored on the client side, and cookies are an option. After the user checks "Don't prompt again", the logo can be saved to the client, and the program can be accessed again to read the settings and decide whether to display it. With the popularity of HTML 5, this part of the function is slowly being replaced by localStorage.
Cookie operation on the PHP side
Reading cookies can read all cookies passed by the user through $_COOKIESuper global variable. $_COOKIE is an array that can be traversed to read the name and value of the cookie sent. The browser only sends the key value of the cookie to the server, so it cannot read the domain/path/exipres and other information of the cookie because.
PHP provides the setcookie function to send cookies to the client. The function signature of setcookie is:
bool setcookie ( string $name [, string $value = "" [, int $expire = 0 [, string $path = "" [, string $domain = "" [, bool $secure = false [, bool $httponly = false ]]]]]] )
The parameters correspond to the content of the cookie: expires defaults to 0, which means that it is only valid for the current session. The cookie will be cleared after the user closes the browser; path defaults to the current page path , that is, the part before the last backslash of the URL; domain defaults to the domain name of the current page. If you want to expand the scope of use, it can be set to the parent domain name or top-level domain name; httponly defaults to false, and it is recommended to set it to true to avoid XSS attacks.
To delete a cookie, you only need to set the expires of the cookie to the past timestamp , such as time() – 3600. So to delete the cookie foo, the code can be
setcookie('foo', '', time() - 3600);
Good practices for cookies
It can be seen from the literal meaning of the cookie that it saves data fragments. Cookies are used frequently in web development and should be understood more. The following are some good practices for using cookies:
Oversized and excessive data should not be saved in cookies;
Cookies are clearly visible on the client and in transmission, and sensitive data should not be saved in cookies Information;
For the security of the site and users, set the httponly attribute of the cookie to true as much as possible;
Cookies are fully controlled by the client and are also external inputs. The server cannot blindly trust them and should filter them.
Others
Cookies are sent with the request and set to the client with the response. After understanding this process, you can understand some common problems faced by novices, such as the following code:
if (!isset($_COOKIE['foo']) {
setcookie('foo', 'foobar');
}
$foo = $_COOKIE['foo'];When the cookie foo is not set, an error will occur on line 5. The reason is that setcookie sets the cookie information for this response. The browser needs to receive the response and set it before it can attach the cookie to subsequent requests, and it is not reflected in this request.
Similarly, cookies exist in the header information of requests and responses, and the header should be before the request body, so the function context usage restrictions of setcookie are the same as the header function, that is: the response body cannot have been sent before.
I believe you have mastered the method after reading the case in this article. For more exciting information, please pay attention to other related articles on the php Chinese website!
Recommended reading:
php curl batch implementation of controllable concurrent asynchronous operation case details
PHP MySQL implements message queue Detailed explanation of steps
The above is the detailed content of Detailed explanation of cookie usage cases in PHP. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
PHP 8.4 Installation and Upgrade guide for Ubuntu and Debian
Dec 24, 2024 pm 04:42 PM
PHP 8.4 brings several new features, security improvements, and performance improvements with healthy amounts of feature deprecations and removals. This guide explains how to install PHP 8.4 or upgrade to PHP 8.4 on Ubuntu, Debian, or their derivati
7 PHP Functions I Regret I Didn't Know Before
Nov 13, 2024 am 09:42 AM
If you are an experienced PHP developer, you might have the feeling that you’ve been there and done that already.You have developed a significant number of applications, debugged millions of lines of code, and tweaked a bunch of scripts to achieve op
How To Set Up Visual Studio Code (VS Code) for PHP Development
Dec 20, 2024 am 11:31 AM
Visual Studio Code, also known as VS Code, is a free source code editor — or integrated development environment (IDE) — available for all major operating systems. With a large collection of extensions for many programming languages, VS Code can be c
Explain JSON Web Tokens (JWT) and their use case in PHP APIs.
Apr 05, 2025 am 12:04 AM
JWT is an open standard based on JSON, used to securely transmit information between parties, mainly for identity authentication and information exchange. 1. JWT consists of three parts: Header, Payload and Signature. 2. The working principle of JWT includes three steps: generating JWT, verifying JWT and parsing Payload. 3. When using JWT for authentication in PHP, JWT can be generated and verified, and user role and permission information can be included in advanced usage. 4. Common errors include signature verification failure, token expiration, and payload oversized. Debugging skills include using debugging tools and logging. 5. Performance optimization and best practices include using appropriate signature algorithms, setting validity periods reasonably,
PHP Program to Count Vowels in a String
Feb 07, 2025 pm 12:12 PM
A string is a sequence of characters, including letters, numbers, and symbols. This tutorial will learn how to calculate the number of vowels in a given string in PHP using different methods. The vowels in English are a, e, i, o, u, and they can be uppercase or lowercase. What is a vowel? Vowels are alphabetic characters that represent a specific pronunciation. There are five vowels in English, including uppercase and lowercase: a, e, i, o, u Example 1 Input: String = "Tutorialspoint" Output: 6 explain The vowels in the string "Tutorialspoint" are u, o, i, a, o, i. There are 6 yuan in total
How do you parse and process HTML/XML in PHP?
Feb 07, 2025 am 11:57 AM
This tutorial demonstrates how to efficiently process XML documents using PHP. XML (eXtensible Markup Language) is a versatile text-based markup language designed for both human readability and machine parsing. It's commonly used for data storage an
Explain late static binding in PHP (static::).
Apr 03, 2025 am 12:04 AM
Static binding (static::) implements late static binding (LSB) in PHP, allowing calling classes to be referenced in static contexts rather than defining classes. 1) The parsing process is performed at runtime, 2) Look up the call class in the inheritance relationship, 3) It may bring performance overhead.
What are PHP magic methods (__construct, __destruct, __call, __get, __set, etc.) and provide use cases?
Apr 03, 2025 am 12:03 AM
What are the magic methods of PHP? PHP's magic methods include: 1.\_\_construct, used to initialize objects; 2.\_\_destruct, used to clean up resources; 3.\_\_call, handle non-existent method calls; 4.\_\_get, implement dynamic attribute access; 5.\_\_set, implement dynamic attribute settings. These methods are automatically called in certain situations, improving code flexibility and efficiency.
