Using Cookies in PHP

It's got to happen sooner or later. Even if you're using PHP (and perhaps MySQL with it) to make as much of your site dynamic as possible, you won't be able to make a site truly interactive and tailored to individual users unless you use something more. Something like "cookies."

Cookies, unfortunately, have been given a bad rap. I once, during an Internet Safety Course, was told (from a police officer, no less!) that if I visit a site, the owner of the site could use something called a "cookie" to view my name and address. I refrained from correcting the officer, but was tempted to. The statement was very far off.

Cookies are tiny files containing text stored on your computer. A website can set them, and read from them. They can read different things about your visit, such as your IP address, or perhaps your screen resolution. Or, the pages you visited and forms you filled out. They cannot, however, read your name and address if you don't provide them with it.

Now that that's out of the way, let's get started. Let's create a page that sets a simple cookie (name it "setcookie.php", or "setcookie.php3", depending on your server's settings):

setcookie("user", $username, time()+604800); /* Expires in a week */

This is fairly simple. We're using PHP's built in "setcookie" function. As you can see, it accepts several arguments. The first argument, within double-quotes, is the name of the cookie. In this case, it is "user" - we're storing a username. The second argument is a variable, obviously given a value beforehand. The third argument specifies the length that the cookie should be considered "active" - or, in other words, determines the expiration date at which the cookie is discarded.

In this case, we have it set to expire in one week. The number you see there (604800) is the number of seconds in a week, and the text after the setcookie command is a small comment informing us of how long it will take for the cookie to expire. Using comments, in this case, is a very good idea. This way, we don't have to memorize how many seconds make up a day, a week, or a month.

Here's a small reference on numbers and the amount of time they signify in determining the expiration date/time of a cookie:

One Minute: 60
Ten Minutes: 600
Half-an-Hour: 1800
One Hour: 3600
One Day: 86400
One Week: 604800
Two Weeks: 1209600
One Month (30 days): 2592000
One Year (365 days): 31536000

You can probably work with these numbers to determine how many seconds are in any given amount of time. Be sure to have a calculator handy, though! If you lack a real-life calculator, Windows users can click on their Start Menu, choose "Run", and type in "CALC."[PAGEBREAK]Using the earlier command, you'll create a cookie, accessible only on your domain name, with the name "user." This cookie's value, if called upon, will be whatever the variable $username holds. You could have just as easily replaced $username with any string of text to specify the value of the cookie, provided that the string is enclosed in double-quotes and escapes any inappropriate characters within.