The PHP SETCOOKIE function makes it easy to track users through their browser, creating persistent logins and tracking user engagement and activity. 

Today, we’re going to take a deeper look into setting cookies with PHP, managing and maintaining those cookies, and even some cookie alternatives. All of this will be based on some preexisting knowledge of PHP.

Open Screen laptop with coded language. PHP code on a laptop.

What is a cookie?

Have you ever wondered how websites know who you are? It’s all about cookies. “Cookies” are small files on your computer that websites can read. They place those files to identify you — tracking you and your accounts through the internet.

Today, cookie use is actually a little controversial. To adhere to European laws, you need to ask whether you can place a cookie on a user device. Tracking cookies are increasingly being blocked on mobile devices like iOS and Android. Cookies are still very important, but you have to be careful about how you use them and when.

How do you use PHP SETCOOKIE?

On the surface, using PHP SETCOOKIE is very simple. Here’s the formula from the PHP manual:

	setcookie($name, $value, $expires_or_options, $path, $domain, $secure, $http_only);

To set a cookie, you would usually use code like this:

	setcookie("Hello_World", "Hello, World!", time()+86400, "/", "", 1, 1);
PHP for Beginners – Become a PHP Master – CMS Project

Last Updated October 2022

  • 336 lectures
  • All Levels
4.3 (24,694)

PHP for Beginners: learn everything you need to become a professional PHP developer with practical exercises & projects. | By Edwin Diaz, Coding Faculty Solutions

Explore Course

Now, let’s explain these parameters:

So, you need to use the setcookie name, value, expire path, and expire time to set the cookie properly. You can control things like the cookie’s name, value, expiration date, whether it will expire in 30 days or longer, and whether it needs a secure HTTPS connection. You can also secure HTTPONLY and SameSite by setting the domain and the path.

How do you access data on a cookie?

Once a cookie has been set, it still has to be accessed. The PHP super variable $_COOKIE is used to access the data as a global PHP array

You don’t need to do anything special. You just need to access the variable that you’ve set through the same string name string that you set. The data can then be used and manipulated just like any other string, such as through PHP ECHO.

	echo $_COOKIE["Hello_World"];

The above code will print out the contents of the Hello_World cookie.

Now, if the expiration date was 0 or omitted, and the user closed their browser, then the cookie won’t exist. And if it’s checking to see whether a secure connection exists, and one does not, the cookie will return blank. So, when you do access the data on a cookie, you should verify that you’re actually receiving that data.

	if(!isset($_COOKIE["Hello_World"])) {
		print("The cookie isn't set!");

You would use the above test to see whether the appropriate cookie is set. 

What is SETCOOKIE used for? Primarily, PHP SETCOOKIE will be used to log someone into a website. Let’s look at a very rudimentary example:

	$login_name = "Mary";
	SETCOOKIE("login_name", "Mary");

	print("Hello," . $_COOKIE["login_name"] . "!");

The above example sets the login name to Mary within a cookie and then pulls that login name. The $_COOKIE variable will be persistent throughout the website, so other pages would simply need to read:

if(isset($_COOKIE["login_name"])) {
		print("You're logged in as:" . $_COOKIE["login_name"]);

Usually, you would be checking the login name and a login password against a database, with the login password being properly encrypted throughout. But regardless, a cookie sets a persistent variable that will exist across the website until it expires or is unset.

Top courses in PHP (programming language)

Working with multiple PHP cookies

Note that because $_COOKIE is a global array, you can set multiple cookies. Consider setting a cookie named “username” and a cookie named “password.” You would access these as follows:


Some sites prefer to keep all their information contained in a single cookie value and then later parsed. Other sites will use multiple cookies. It’s generally a good practice to use as few cookies as you can for your needs. 

How do you unset a cookie?

In PHP, unsetting a cookie is actually a little counterintuitive. You might think that you do the following:


But that actually doesn’t unset the cookie itself; it just deletes the global variable used to reference the cookie within that script.

To unset a cookie, you have to reset the cookie but with an expiration date that has already passed:

	setcookie("Hello_World", null, time() - 1);

In the above PHP SETCOOKIE function, what we’re doing is setting the same cookie again. Now the value is null (because we don’t need the value to exist anymore) and the expiration time is set to TIME() (the time right now) minus one second. The cookie will be automatically deleted.

Alternatives to using PHP SETCOOKIE

It’s believed that the future might be a “cookie”-less world. Cookies have been used for the past few decades for persistent data and session control. But increasing privacy concerns have made cookies slightly defunct.

In PHP, it’s considered a better practice to use “sessions.” PHP sessions can fulfill the roles of cookies, but under more rigid (and therefore more secure) constraints.

There’s still a place for cookies, particularly for anonymous but persistent connections, user behavior tracking, and improving user engagement. 

Learning more about PHP SETCOOKIE

SETCOOKIE is one of the most basic PHP functions. If you want to create a website that interacts with users, you will need to use either SETCOOKIE or learn how to use PHP sessions. But you’ll also need to learn the basics of proper user authentication and PHP form validation.

A PHP tutorial can tell you more about what you want to learn about PHP — especially about creating user sessions and user accounts. To continue learning PHP, consider taking a beginner’s course or try a bootcamp that takes you from A-Z.

Page Last Updated: March 2022