Cookie
class Cookie (View source)
Represents a HTTP Cookie as of RFC 6265
Constants
PATTERN_TOKEN |
A token as per RFC 2616, Section 2.2 |
PATTERN_MAX_AGE |
The max age pattern as per RFC 6265, Section 5.2.2 |
PATTERN_DOMAIN |
A simplified pattern for a basically valid domain ( |
PATTERN_PATH |
A path as per RFC 6265, 4.1.1 |
SAMESITE_NONE |
|
SAMESITE_LAX |
|
SAMESITE_STRICT |
|
Properties
protected string | $name | Cookie Name, a token (RFC 6265, 4.1.1) |
|
protected string | $value | ||
protected int | $expiresTimestamp | Unix timestamp of the expiration date / time or 0 for "session" expiration (RFC 6265, 4.1.2.1) |
|
protected int | $maximumAge | Number of seconds until the cookie expires (RFC 6265, 4.1.2.2) |
|
protected string | $domain | Hosts to which this cookie will be sent (RFC 6265, 4.1.2.3) |
|
protected string | $path | ||
protected bool | $secure | ||
protected bool | $httpOnly | ||
protected string | $sameSite | Possible values: none, lax, or strict (RFC 6265bis-05, 8.8) |
Methods
Constructs a new Cookie object
Creates a cookie (an instance of this class) by a provided raw header string like "foo=507d9f20317a5; path=/; domain=.example.org" This is is an implementation of the algorithm explained in RFC 6265, Section 5.2 A basic statement of this algorithm is to "ignore the set-cookie-string entirely" in case a required condition is not met. In these cases this function will return NULL rather than the created cookie.
Returns the name of this cookie
Returns the value of this cookie
Sets the value of this cookie
Returns the date and time of the Expires attribute, if any.
Returns the number of seconds until the cookie expires, if defined.
Returns the domain this cookie is valid for.
Returns the path this cookie is valid for.
Tells if the cookie was flagged to be sent over "secure" channels only.
Tells if this cookie should only be used through the HTTP protocol.
Returns the SameSite of this cookie
Marks this cookie for removal.
Tells if this cookie is expired and will be removed in the user agent when it received the response containing this cookie.
Renders the field value suitable for a HTTP "Set-Cookie" header.
Details
__construct(string $name, mixed $value = null, int|DateTime $expires = 0, int $maximumAge = null, string $domain = null, string $path = '/', bool $secure = false, bool $httpOnly = true, string $sameSite = null)
Constructs a new Cookie object
static Cookie
createFromRawSetCookieHeader(string $header)
Creates a cookie (an instance of this class) by a provided raw header string like "foo=507d9f20317a5; path=/; domain=.example.org" This is is an implementation of the algorithm explained in RFC 6265, Section 5.2 A basic statement of this algorithm is to "ignore the set-cookie-string entirely" in case a required condition is not met. In these cases this function will return NULL rather than the created cookie.
string
getName()
Returns the name of this cookie
mixed
getValue()
Returns the value of this cookie
void
setValue(mixed $value)
Sets the value of this cookie
int
getExpires()
Returns the date and time of the Expires attribute, if any.
Note that this date / time is returned as a unix timestamp, no matter what the format was originally set through the constructor of this Cookie.
The special case "no expiration time" is returned in form of a zero value.
int
getMaximumAge()
Returns the number of seconds until the cookie expires, if defined.
This information is rendered as the Max-Age attribute (RFC 6265, 4.1.2.2). Note that not all browsers support this attribute.
string
getDomain()
Returns the domain this cookie is valid for.
string
getPath()
Returns the path this cookie is valid for.
bool
isSecure()
Tells if the cookie was flagged to be sent over "secure" channels only.
This security measure only has a limited effect. Please read RFC 6265 Section 8.6 for more details.
bool
isHttpOnly()
Tells if this cookie should only be used through the HTTP protocol.
string|null
getSameSite()
Returns the SameSite of this cookie
void
expire()
Marks this cookie for removal.
On executing this method, the expiry time of this cookie is set to a point in time in the past triggers the removal of the cookie in the user agent.
bool
isExpired()
Tells if this cookie is expired and will be removed in the user agent when it received the response containing this cookie.
string
__toString()
Renders the field value suitable for a HTTP "Set-Cookie" header.