Specifications

You can delete a cookie by calling setcookie() again with the same cookie name but no

value. If you set the cookie with other parameters (such as specific URLs or expiry dates), you

will need to send the same parameters again, or you won’t be able to delete the cookie.

You can also set a cookie manually via the Header() function and the cookie syntax given pre-

viously. One tip is that cookie headers must be sent before any other headers, or they will not

work.

Using Cookies with Sessions

Cookies have some associated problems: Some browsers do not accept cookies, and some

users might have disabled cookies in their browsers. This is one of the reasons PHP sessions

use a dual cookie/URL method. (We’ll discuss more about this in a minute.)

When you are using PHP sessions, you will not have to manually set cookies. The session

functions will take care of this for you.

You can use the function

session_get_cookie_params() to see the contents of the cookie set

by session control. It returns an associative array containing the elements lifetime, path, and

domain.

You can also use

session_set_cookie_params($lifetime, $path, $domain);

to set the session cookie parameters.

If you want to read more about cookies, you can consult the cookie specification on Netscape’s

site:

http://home.netscape.com/newsref/std/cookie_spec.html

Storing the Session ID

PHP will use cookies by default with sessions. If possible, a cookie will be set to store the ses-

sion ID.

The other method it can use is adding the session ID to the URL. You can set this to happen

automatically if you compile PHP with the

--enable-trans-sid option.

Alternatively, you can manually embed the session ID in links so that it is passed along. The

session ID is stored in the constant SID. To pass it along manually, you add it to the end of a

link similar to a GET parameter:

Advanced PHP Techniques

ART IV

432

25 7842 CH20 3/6/01 3:42 PM Page 432