Post
Ask Question

Understanding Session and Cookies Variables Concept in PHP

The use of session and cookies has great significance in a PHP website. In this article, we will cover sessions and cookies variable concepts and their practical examples. You will learn how to create, update, and delete a cookie.

Definition of Cookie

A cookie is a variable which is stored in a user’s web browser. It is dedicated for the purpose of authentication, saving preferences and identification of server session.

How Do Cookies Work

Every time a browser is connected to the server, the cookie variable’s value is sent to the server. Hence, only the relevant cookies are sent to the domain. Cookies are a suitable method of linking a page for the user’s interaction with a website. The cookies sent by the client will be included in $_COOKIE global variable.

How To Set Cookies

Cookies can be set using setcookie() and setrawcookie() functions. Consider the example below in which a cookie variable is set for a month. This sign ‘/’ indicates that the cookie is available for the entire website. We have used $_COOKIE variable to retrieve the value of cookie. It should be noted that set_cookie function must be initiated before the html tag.

How To Modify A Cookie

We can even modify a cookie value. Consider the following example:

  1. <?php  
  2.     $cookie_name = "employee";  
  3.     $cookie_value = "John Steveson";  
  4.     setcookie($cookie_name$cookie_value, time() + (86400 * 30), "/");  
  5. ?>  
  6.     <html>  
  7.   
  8.     <body>  
  9.         <?php  
  10.             if(!isset($_COOKIE[$cookie_name])) {  
  11.                 echo "Cookie named '" . $cookie_name . "' is not set!";  
  12.             }   
  13.             else {  
  14.                 echo "Cookie '" . $cookie_name . "' is set!<br>";  
  15.                 echo "Value is: " . $_COOKIE[$cookie_name];  
  16.             }  
  17.         ?>  
  18.     </body>  
  19.   
  20. </html>  
Output:

Cookie 'employee' is set!
Value is: John Steveson

Examples:
  1. <!DOCTYPE html>  
  2. <?php  
  3.     $cookie_name = "employee";  
  4.     $cookie_value = "David Klarc";  
  5.     setcookie($cookie_name$cookie_value, time() + (86400 * 30), "/"); // 86400 = 1 day  
  6. ?>  
  7.     <html>  
  8.   
  9.     <body>  
  10.         <?php  
  11.             if(!isset($_COOKIE[$cookie_name])) {  
  12.                 echo "Cookie named '" . $cookie_name . "' is not set!";  
  13.             }  
  14.             else {  
  15.                 echo "Cookie '" . $cookie_name . "' is set!<br>";  
  16.                 echo "Value is: " . $_COOKIE[$cookie_name];  
  17.             }  
  18.         ?>  
  19.         <p><strong>Note:</strong> You might have to reload the page to see the value of the cookie.</p>  
  20.     </body>  
  21.   
  22. </html>  
Output:

Cookie 'employee' is set!
Value is: David Klarc

Note: You might have to reload the page to see the value of the cookie.

How To Delete a Cookie

A cookie can be simply deleted by using the same function set_cookie but with a date in the past. Consider the following example:
  1. <?php  
  2.     // set the expiration date to half an hour ago  
  3.     setcookie("employee""", time() - 1800);  
  4. ?>  
  5.     <html>  
  6.   
  7.     <body>  
  8.         <?php  
  9.             echo "Cookie 'employee' is deleted.";  
  10.         ?>  
  11.     </body>  
  12.   
  13. </html>  
Output:

Cookie 'employee' is deleted

How To check if Cookies are Enabled

You can simply check if cookies are enabled in a PHP script as follows:
  1. <?php  
  2.     setcookie("cookie_test""check", time() + 3600, '/');  
  3. ?>  
  4.     <html>  
  5.   
  6.     <body>  
  7.         <?php  
  8.             if(count($_COOKIE) > 0) {  
  9.                 echo "Cookies are enabled.";  
  10.             }  
  11.             else {  
  12.                 echo "Cookies are disabled.";  
  13.             }  
  14.         ?>  
  15.     </body>  
  16.   
  17. </html>  
Output:

Cookies are enabled.

Definition of Session

Session is a variable which is stored on the server side. It keeps values safe within the variable throughout the user’s interaction. It is a method of tracking and identifying returning users.

How Does It work

A unique identifier known as session id is stored on the client side. Whenever a HTTP request is passed the web server receives the session id.

How To Set Sessions

Session is started using session_start(). They are started with $_SESSION global variable.
Let's consider following examples to understand the concept of Session and cookies

Example 1:

Lets create a page test.php. In this page session variables will be created as follows:
  1. <?php  
  2.     // Start the session  
  3.     session_start();  
  4.     $_SESSION["pet"] = "cat";  
  5.     $_SESSION["petowner"] = "david";  
  6.     echo "Session variables are set.";  
  7. ?>  
  8.     </body>  
  9.   
  10. </html>  
Output:

Session variables are set.

It should be noted that session is always started before any HTML tags.

Method2 for displaying Session variable value:
  1. <?php  
  2.     session_start();  
  3. ?>  
  4.     <!DOCTYPE html>  
  5.     <html>  
  6.   
  7.     <body>  
  8.         <?php  
  9.             // Echo session variables that were set on previous page  
  10.             echo "Favorite pet is " . $_SESSION["pet"] . ".<br>";  
  11.             echo "Pet owner is " . $_SESSION["petowner"] . ".";  
  12.         ?>  
  13.     </body>  
  14.   
  15. </html>  
Output:

Favorite pet is cat.
Pet owner is david

How To Change A Session Variable Value?

You may change session variable value simply by overwriting it.

Consider the previous example:

  1. <?php  
  2.     session_start();  
  3. ?>  
  4. <!DOCTYPE html>  
  5. <html>  
  6.     <body>  
  7.         <?php  
  8.             // to change a session variable, just overwrite it  
  9.             $_SESSION["pet"] = "rabbit";  
  10.             print_r($_SESSION['pet']);  
  11.         ?>  
  12.     </body>  
  13. </html>  
Output:

Rabbit

How To destroy a PHP Session

All session variables can be destroyed using function session_unset() and session_destroy()

Examples:
  1. <?php    
  2.     session_start();    
  3. ?>  
  4. <!DOCTYPE html>  
  5. <html>  
  6.   
  7.     <body>  
  8.         <?php    
  9.             // remove all session variables    
  10.             session_unset();    
  11.             // destroy the session    
  12.             session_destroy();    
  13.             echo "All session variables are now removed, and the session is destroyed.";    
  14.         ?>   
  15.    </body>  
  16.   
  17. </html>  
Output:

All session variables are now removed, and the session is destroyed.

Differences Between Session And Cookie

There are many differences between session and cookie. The major difference is that cookie variables are stored on the client's browser, whereas session variable is stored on the server side. The cookie expires according to the expiration date or time specified within the script whereas the lifespan of a session is until the user closes the browser.

Hence, in this article we have covered the procedure of declaring session and cookie variables. Also, we learned how to retrieve them. If you have any confusion about anything in this lesson, leave a comment and I’ll surely try to clear it up for you.