PHPackages                             buzzingpixel/cookie-api - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Utility &amp; Helpers](/categories/utility)
4. /
5. buzzingpixel/cookie-api

ArchivedLibrary[Utility &amp; Helpers](/categories/utility)

buzzingpixel/cookie-api
=======================

Cookie API

2.0.1(7y ago)09932Apache-2.0PHPPHP &gt;=7.2

Since Jan 2Pushed 7y ago1 watchersCompare

[ Source](https://github.com/buzzingpixel/cookie-api)[ Packagist](https://packagist.org/packages/buzzingpixel/cookie-api)[ RSS](/packages/buzzingpixel-cookie-api/feed)WikiDiscussions master Synced 4d ago

READMEChangelog (2)Dependencies (7)Versions (9)Used By (2)

BuzzingPixel Cookie API
=======================

[](#buzzingpixel-cookie-api)

[![](https://camo.githubusercontent.com/4da24afc5c4bad392e469a0fe6a0e6e66753b00f18c8f641c6fbe72f86860aad/68747470733a2f2f7472617669732d63692e6f72672f62757a7a696e67706978656c2f636f6f6b69652d6170692e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/buzzingpixel/cookie-api)

Provides a an easy to use API and entity for dealing with cookies in PHP.

And it does stuff like encrypting cookie contents. While you shouldn't generally put things in cookies that should be kept secret, there are always attack vectors that could be exploited and encrypting cookie contents narrows attack vectors. For instance if you store the primary key of a database row in a cookie \[which you probably shouldn't, but everyone has done it\], and it then becomes easy to increment or decrement that number and spoof a cookie to provide access to something that user maybe shouldn't have access to.

And by using [libsodium](https://github.com/jedisct1/libsodium-php) encryption, it ensures that cookie values cannot be tampered with.

Usage
-----

[](#usage)

ENCRYPTION\_KEY environment variable
------------------------------------

[](#encryption_key-environment-variable)

You must have an environment variable set called `ENCRYPTION_KEY` and it must be exactly 32 characters in length. This key should be kept SECRET at all times. It's the secret key and should never be revealed to the public or else your encrypted data can be read by anyone.

### Creating a cookie entity

[](#creating-a-cookie-entity)

```