Chapter 35. Cookies
PHP transparently supports HTTP cookies. Cookies are a mechanism for
storing data in the remote browser and thus tracking or identifying return
users. You can set cookies using the setcookie() or
setrawcookie()
function. Cookies are part of the HTTP header, so
setcookie() must be called before any output is sent to
the browser. This is the same limitation that header()
has. You can use the output buffering
functions to delay the script output until you have decided whether
or not to set any cookies or send any headers.
Any cookies sent to you from the client will automatically be included into
a $_COOKIE auto-global
array if variables_order
contains "C". If you wish to assign multiple values to a single
cookie, just add [] to the cookie name.
Depending on register_globals,
regular PHP variables can be created from cookies. However it's not
recommended to rely on them as this feature is often turned off for the
sake of security.
$HTTP_COOKIE_VARS is also set in earlier versions of PHP
when the track_vars configuration
variable is set. (This setting is always on since PHP 4.0.3.)
For more details, including notes on browser bugs, see the
setcookie() and setrawcookie()
function.