Cookie Helper
The Cookie Helper file contains functions that assist in working with cookies.
Loading this Helper
This helper is loaded using the following code:
<?php
helper('cookie');
Available Functions
The following functions are available:
- set_cookie($name[, $value = ''[, $expire = ''[, $domain = ''[, $path = '/'[, $prefix = ''[, $secure = false[, $httpOnly = false[, $sameSite = '']]]]]]]])
- Parameters
$name (
array|Cookie|string
) – Cookie name or associative array of all of the parameters available to this function or an instance ofCodeIgniter\Cookie\Cookie
$value (
string
) – Cookie value$expire (
int
) – Number of seconds until expiration. If set to0
the cookie will only last as long as the browser is open$domain (
string
) – Cookie domain (usually: .yourdomain.com)$path (
string
) – Cookie path$prefix (
string
) – Cookie name prefix. If''
, the default from app/Config/Cookie.php is used$secure (
bool
) – Whether to only send the cookie through HTTPS. Ifnull
, the default from app/Config/Cookie.php is used$httpOnly (
bool
) – Whether to hide the cookie from JavaScript. Ifnull
, the default from app/Config/Cookie.php is used$sameSite (
string
) – The value for the SameSite cookie parameter. Ifnull
, the default from app/Config/Cookie.php is used
- Return type
void
Note
Prior to v4.2.7, the default values of
$secure
and$httpOnly
werefalse
due to a bug, and these values from app/Config/Cookie.php were never used.This helper function gives you friendlier syntax to set browser cookies. Refer to the Response Library for a description of its use, as this function is an alias for
CodeIgniter\HTTP\Response::setCookie()
.
- get_cookie($index[, $xssClean = false[, $prefix = '']])
- Parameters
$index (
string
) – Cookie name$xssClean (
bool
) – Whether to apply XSS filtering to the returned value$prefix (
string|null
) – Cookie name prefix. If set to''
, the default value from app/Config/Cookie.php will be used. If set tonull
, no prefix
- Returns
The cookie value or null if not found
- Return type
mixed
Note
Since v4.2.1, the third parameter
$prefix
has been introduced and the behavior has been changed a bit due to a bug fix. See Upgrading for details.This helper function gives you friendlier syntax to get browser cookies. Refer to the IncomingRequest Library for detailed description of its use, as this function acts very similarly to
CodeIgniter\HTTP\IncomingRequest::getCookie()
, except it will also prepend theConfig\Cookie::$prefix
that you might’ve set in your app/Config/Cookie.php file.Warning
Using XSS filtering is a bad practice. It does not prevent XSS attacks perfectly. Using
esc()
with the correct$context
in the views is recommended.
- delete_cookie($name[, $domain = ''[, $path = '/'[, $prefix = '']]])
- Parameters
$name (
string
) – Cookie name$domain (
string
) – Cookie domain (usually: .yourdomain.com)$path (
string
) – Cookie path$prefix (
string
) – Cookie name prefix
- Return type
void
Lets you delete a cookie. Unless you’ve set a custom path or other values, only the name of the cookie is needed.
<?php delete_cookie('name');
This function is otherwise identical to
set_cookie()
, except that it does not have thevalue
andexpire
parameters.Note
When you use
set_cookie()
, if thevalue
is set to empty string and theexpire
is set to0
, the cookie will be deleted. If thevalue
is set to non-empty string and theexpire
is set to0
, the cookie will only last as long as the browser is open.You can submit an array of values in the first parameter or you can set discrete parameters.
<?php delete_cookie($name, $domain, $path, $prefix);
- has_cookie(string $name[, ?string $value = null[, string $prefix = '']])
- Parameters
$name (
string
) – Cookie name$value (
string|null
) – Cookie value$prefix (
string
) – Cookie prefix
- Return type
bool
Checks if a cookie exists by name. This is an alias of
Response::hasCookie()
.