This function is used to set a cookie.

A cookie is often used to identify a user. A cookie is a small file that the server embeds on the user’s computer. Each time the same computer requests a page with a browser, it will send the cookie too. With PHP, you can both create and retrieve cookie values.

Syntax: setcookie(name, value, expire, path, domain,secure,httponly).


When you create a cookie,using the function setcookie,the parameters name, value, expire, path, domain are used.All the parameters except the name argument are optional.

The first parameter “name” is Required. It specifies the name of your cookie. You will use this name to later retrieve your cookie, so don’t forget it!

The second parameter “value” is Optional. It specifies the value that is stored in your cookie. Common values are username(string) and last visit(date).

The third parameter “expiration” is Optional The date when the cookie will expire and be deleted. If you do not set this expiration date, then it will be treated as a session cookie and be removed when the browser is restarted.

The fourth parameter “path” is Optional. It specifies on the server in which the cookie will be available on. If set to ‘/’, the cookie will be available within the entire domain. If set to ‘/example/’, the cookie will only be available within the /example/ directory and all sub-directories such as /example/examp/ of domain. The default value is the current directory that the cookie is being set in.

The fifth parameter “domain” is Optional.It specifies that the cookie is available to. To make the cookie available on all subdomains of (including itself) then you’d set it to ‘’. Although some browsers will accept cookies without the initial ., ยป RFC 2109 requires it to be included. Setting the domain to ‘’ or ‘’ will make the cookie only available in the www subdomain.

The sixth parameter “secure” is Optional.It specifies that the cookie should only be transmitted over a secure HTTPS connection from the client. When set to TRUE, the cookie will only be set if a secure connection exists. On the server-side, it’s on the programmer to send this kind of cookie only on secure connection (e.g. with respect to $_SERVER[“HTTPS”]).

The seventh parameter “httponly” is Optional.It specifies When TRUE the cookie will be made accessible only through the HTTP protocol. This means that the cookie won’t be accessible by scripting languages, such as JavaScript. This setting can effectively help to reduce identity theft through XSS attacks (although it is not supported by all browsers). Added in PHP 5.2.0. TRUE or FALSE.


//Calculate 30 days in the future
//seconds * minutes * hours * days + current time
$inOneMonth = 60 * 60 * 24 * 30 + time(); 
setcookie('lastVisit', date("G:i - m/d/y"), $inOneMonth); 


In the above example we have created a cookie that stores the user’s last visit. We want to ignore people that take longer than one month to return to the site, so we have set the cookie’s expiration date to one month in the future!

eXTReMe Tracker