PHPackages delight-im/cookie - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [HTTP & Networking](/categories/http) 4. / 5. delight-im/cookie ActiveLibrary[HTTP & Networking](/categories/http) delight-im/cookie ================= Modern cookie management for PHP v3.4.0(6y ago)1681.2M↑34.7%46[2 issues](https://github.com/delight-im/PHP-Cookie/issues)[2 PRs](https://github.com/delight-im/PHP-Cookie/pulls)11MITPHPPHP >=5.4.0 Since Jun 8Pushed 1y ago14 watchersCompare [ Source](https://github.com/delight-im/PHP-Cookie)[ Packagist](https://packagist.org/packages/delight-im/cookie)[ Docs](https://github.com/delight-im/PHP-Cookie)[ RSS](/packages/delight-im-cookie/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (1)Versions (21)Used By (11) PHP-Cookie ========== [](#php-cookie) Modern cookie management for PHP Requirements ------------ [](#requirements) - PHP 5.4.0+ Installation ------------ [](#installation) 1. Include the library via Composer [\[?\]](https://github.com/delight-im/Knowledge/blob/master/Composer%20(PHP).md): ``` $ composer require delight-im/cookie ``` 2. Include the Composer autoloader: ``` require __DIR__ . '/vendor/autoload.php'; ``` Upgrading --------- [](#upgrading) Migrating from an earlier version of this project? See our [upgrade guide](Migration.md) for help. Usage ----- [](#usage) ### Static method [](#static-method) This library provides a static method that is compatible to PHP’s built-in `setcookie(...)` function but includes support for more recent features such as the `SameSite` attribute: ``` \Delight\Cookie\Cookie::setcookie('SID', '31d4d96e407aad42'); // or \Delight\Cookie\Cookie::setcookie('SID', '31d4d96e407aad42', time() + 3600, '/~rasmus/', 'example.com', true, true, 'Lax'); ``` ### Builder pattern [](#builder-pattern) Instances of the `Cookie` class let you build a cookie conveniently by setting individual properties. This class uses reasonable defaults that may differ from defaults of the `setcookie` function. ``` $cookie = new \Delight\Cookie\Cookie('SID'); $cookie->setValue('31d4d96e407aad42'); $cookie->setMaxAge(60 * 60 * 24); // $cookie->setExpiryTime(time() + 60 * 60 * 24); $cookie->setPath('/~rasmus/'); $cookie->setDomain('example.com'); $cookie->setHttpOnly(true); $cookie->setSecureOnly(true); $cookie->setSameSiteRestriction('Strict'); // echo $cookie; // or $cookie->save(); // or // $cookie->saveAndSet(); ``` The method calls can also be chained: ``` (new \Delight\Cookie\Cookie('SID'))->setValue('31d4d96e407aad42')->setMaxAge(60 * 60 * 24)->setSameSiteRestriction('None')->save(); ``` A cookie can later be deleted simply like this: ``` $cookie->delete(); // or $cookie->deleteAndUnset(); ``` **Note:** For the deletion to work, the cookie must have the same settings as the cookie that was originally saved – except for its value, which doesn’t need to be set. So you should remember to pass appropriate values to `setPath(...)`, `setDomain(...)`, `setHttpOnly(...)` and `setSecureOnly(...)` again. ### Reading cookies [](#reading-cookies) - Checking whether a cookie exists: ``` \Delight\Cookie\Cookie::exists('first_visit'); ``` - Reading a cookie’s value (with optional default value): ``` \Delight\Cookie\Cookie::get('first_visit'); // or \Delight\Cookie\Cookie::get('first_visit', \time()); ``` ### Managing sessions [](#managing-sessions) Using the `Session` class, you can start and resume sessions in a way that is compatible to PHP’s built-in `session_start()` function, while having access to the improved cookie handling from this library as well: ``` // start session and have session cookie with 'lax' same-site restriction \Delight\Cookie\Session::start(); // or \Delight\Cookie\Session::start('Lax'); // start session and have session cookie with 'strict' same-site restriction \Delight\Cookie\Session::start('Strict'); // start session and have session cookie without any same-site restriction \Delight\Cookie\Session::start(null); // or \Delight\Cookie\Session::start('None'); // Chrome 80+ ``` All three calls respect the settings from PHP’s `session_set_cookie_params(...)` function and the configuration options `session.name`, `session.cookie_lifetime`, `session.cookie_path`, `session.cookie_domain`, `session.cookie_secure`, `session.cookie_httponly` and `session.use_cookies`. Likewise, replacements for ``` session_regenerate_id(); // and session_regenerate_id(true); ``` are available via ``` \Delight\Cookie\Session::regenerate(); // and \Delight\Cookie\Session::regenerate(true); ``` if you want protection against session fixation attacks that comes with improved cookie handling. Additionally, access to the current internal session ID is provided via ``` \Delight\Cookie\Session::id(); ``` as a replacement for ``` session_id(); ``` ### Reading and writing session data [](#reading-and-writing-session-data) - Read a value from the session (with optional default value): ``` $value = \Delight\Cookie\Session::get($key); // or $value = \Delight\Cookie\Session::get($key, $defaultValue); ``` - Write a value to the session: ``` \Delight\Cookie\Session::set($key, $value); ``` - Check whether a value exists in the session: ``` if (\Delight\Cookie\Session::has($key)) { // ... } ``` - Remove a value from the session: ``` \Delight\Cookie\Session::delete($key); ``` - Read *and then* immediately remove a value from the session: ``` $value = \Delight\Cookie\Session::take($key); $value = \Delight\Cookie\Session::take($key, $defaultValue); ``` This is often useful for flash messages, e.g. in combination with the `has(...)` method. ### Parsing cookies [](#parsing-cookies) ``` $cookieHeader = 'Set-Cookie: test=php.net; expires=Thu, 09-Jun-2016 16:30:32 GMT; Max-Age=3600; path=/~rasmus/; secure'; $cookieInstance = \Delight\Cookie\Cookie::parse($cookieHeader); ``` Specifications -------------- [](#specifications) - [RFC 2109](https://tools.ietf.org/html/rfc2109) - [RFC 6265](https://tools.ietf.org/html/rfc6265) - [Same-site Cookies](https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-04) (formerly [2016-06-20](https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00) and [2016-04-06](https://tools.ietf.org/html/draft-west-first-party-cookies-07)) - [Amendment](https://tools.ietf.org/html/draft-west-cookie-incrementalism-00): [Default to `Lax`](https://chromestatus.com/feature/5088147346030592) and [require `secure` attribute for `None`](https://chromestatus.com/feature/5633521622188032) (Note: There are [incompatible clients](https://www.chromium.org/updates/same-site/incompatible-clients)) Contributing ------------ [](#contributing) All contributions are welcome! If you wish to contribute, please create an issue first so that your feature, problem or question can be discussed. License ------- [](#license) This project is licensed under the terms of the [MIT License](https://opensource.org/licenses/MIT). ### Health Score 48 — FairBetter than 95% of packages Maintenance27 Infrequent updates — may be unmaintained Popularity57 Moderate usage in the ecosystem Community29 Small or concentrated contributor base Maturity67 Established project with proven stability Bus Factor1 Top contributor holds 97% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~74 days Recently: every ~138 days Total 20 Last Release 2223d ago Major Versions v1.3.0 → v2.0.02016-07-21 v2.2.0 → v3.0.02017-10-14 PHP version history (3 changes)v1.0.0PHP >=5.3.0 v2.1.1PHP >=5.6.0 v2.1.2PHP >=5.4.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/cabc03c705598aed200d843d4e5b1c6350729b060cc61ec8a1bb14e02e5c0a32?d=identicon)[delight-im](/maintainers/delight-im) --- Top Contributors [![ocram](https://avatars.githubusercontent.com/u/1681478?v=4)](https://github.com/ocram "ocram (97 commits)")[![LeSuisse](https://avatars.githubusercontent.com/u/737767?v=4)](https://github.com/LeSuisse "LeSuisse (2 commits)")[![Synchro](https://avatars.githubusercontent.com/u/81561?v=4)](https://github.com/Synchro "Synchro (1 commits)") --- Tags httpcookiesxsscookiecsrfsamesitesame-site ### Embed Badge ![Health badge](/badges/delight-im-cookie/health.svg) ``` [![Health](https://phpackages.com/badges/delight-im-cookie/health.svg)](https://phpackages.com/packages/delight-im-cookie) ``` ### Alternatives [paragonie/cookie Modern cookie management for PHP 7 5654.3k2](/packages/paragonie-cookie)[aplus/http Aplus Framework HTTP Library 2311.6M10](/packages/aplus-http)[nette/http 🌐 Nette Http: abstraction for HTTP request, response and session. Provides careful data sanitization and utility for URL and cookies manipulation. 48819.2M541](/packages/nette-http)[paragonie/csp-builder Easily add and update Content-Security-Policy headers for your project 5412.8M18](/packages/paragonie-csp-builder)[amphp/http-client-cookies Automatic cookie handling for Amp's HTTP client. 14750.8k12](/packages/amphp-http-client-cookies) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)