Intermediate PHP: Sessions & Cookies

Go beyond the basics and master stateful web interactions in PHP using sessions and cookies — key tools for building dynamic, user-aware applications.

1. Cookies vs. Sessions

Cookies are stored on the client and automatically sent with requests. Sessions are stored on the server and offer more secure, temporary state management. 

<?php
session_start();

$_SESSION['username'] = 'Natalie';

echo "Welcome, " . $_SESSION['username'] . "!";
?>

2. Creating Cookies

Use setcookie() to create cookies. Only the name is required; other parameters are optional. 

<?php
setcookie("user_token", "abc123xyz", time() + 3600, "/");
?>

3. Retrieving & Updating

Access cookies via $_COOKIE. Updating is done by calling setcookie() again with the same name and new values. 

<?php
echo $_COOKIE["user_token"];

setcookie("user_token", "updatedValue", time() + 7200, "/");
?>

4. Deleting Cookies

Expire a cookie by setting its time in the past: 

<?php
setcookie("user_token", "", time() - 3600, "/");
?>

5. Understanding Sessions

Sessions are server-side containers for user data. Start them with session_start() before any output. 

<?php

session_start();

$_SESSION['username'] = 'Natalie';
$_SESSION['logged_in'] = true;

if ($_SESSION['logged_in']) {
    echo "Hello, " . $_SESSION['username'] . "! You are logged in.";
}
?>

6. Storing Session Data

<?php
session_start();
$_SESSION["username"] = "Natalie";
?>

7. Accessing & Unsetting

<?php
session_start();
echo $_SESSION["username"];

unset($_SESSION["username"]);
?>

8. Destroying Sessions

<?php
session_start();
session_destroy();
?>

9. Cookie Support Check

<?php
if (count($_COOKIE) > 0) {
    echo "Cookies are enabled.";
} else {
    echo "Cookies are disabled.";
}
?>

This might also interest you