PHPackages muglug/cookie - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [HTTP & Networking](/categories/http) 4. / 5. muglug/cookie ActiveLibrary[HTTP & Networking](/categories/http) muglug/cookie ============= Modern cookie management for PHP 7 v3.3.0(6y ago)041.2kMITPHPPHP ^7.1 Since Jun 8Pushed 6y agoCompare [ Source](https://github.com/muglug/PHP-Cookie)[ Packagist](https://packagist.org/packages/muglug/cookie)[ Docs](https://github.com/muglug/PHP-Cookie)[ RSS](/packages/muglug-cookie/feed)WikiDiscussions master Synced 5d ago READMEChangelog (1)Dependencies (1)Versions (11)Used By (0) PHP-Cookie ========== [](#php-cookie) This is a PHP7-only fork of [Delight IM's Cookie library](https://github.com/delight-im/PHP-Cookie)which uses the maximum level of security by default. This means: - Secure is set to `TRUE` unless you override it. - HTTP-Only is set to `TRUE` unless you override it. - Same-Site is set to `Strict` unless you override it. --- Modern cookie management for PHP Requirements ------------ [](#requirements) - PHP 7+ Installation ------------ [](#installation) - Install via [Composer](https://getcomposer.org/) (recommended) `$ composer require paragonie/cookie` Include the Composer autoloader: `require __DIR__.'/vendor/autoload.php';` - or - Install manually - Copy the contents of the [`src`](src) directory to a subfolder of your project - Include the files in your code via `require` or `require_once` Usage ----- [](#usage) ### Static method [](#static-method) This library provides a static method that is compatible to PHP's built-in `setcookie(...)` function but includes support for more recent features such as the [`SameSite`](https://tools.ietf.org/html/draft-west-first-party-cookies-07) attribute: ``` \ParagonIE\Cookie\Cookie::setcookie('SID', '31d4d96e407aad42'); // or \ParagonIE\Cookie\Cookie::setcookie('SID', '31d4d96e407aad42', time() + 3600, '/~rasmus/', 'example.com', true, true, 'Lax'); ``` ### Builder pattern [](#builder-pattern) Instances of the `Cookie` class let you build a cookie conveniently by setting individual properties. This class uses reasonable defaults that may differ from defaults of the `setcookie` function. ``` $cookie = new \ParagonIE\Cookie\Cookie('SID'); $cookie->setValue('31d4d96e407aad42'); $cookie->setMaxAge(60 * 60 * 24); // $cookie->setExpiryTime(time() + 60 * 60 * 24); $cookie->setPath('/~rasmus/'); $cookie->setDomain('example.com'); $cookie->setHttpOnly(true); $cookie->setSecureOnly(true); $cookie->setSameSiteRestriction('Strict'); // echo $cookie; $cookie->save(); ``` The method calls can also be chained: ``` (new \ParagonIE\Cookie\Cookie('SID'))->setValue('31d4d96e407aad42')->setMaxAge(60 * 60 * 24)->setSameSiteRestriction('Strict')->save(); ``` A cookie can later be deleted simply like this: ``` $cookie->delete(); ``` **Note:** For the deletion to work, the cookie must have the same settings as the cookie that was originally saved. So you should remember to pass appropriate values to `setPath(...)`, `setDomain(...)`, `setHttpOnly(...)` and `setSecureOnly(...)` again. ### Managing sessions [](#managing-sessions) Using the `Session` class, you can start and resume sessions in a way that is compatible to PHP's built-in `session_start()` function, while having access to the improved cookie handling from this library as well: ``` // start session and have session cookie with 'lax' same-site restriction \ParagonIE\Cookie\Session::start(); // or \ParagonIE\Cookie\Session::start('Lax'); // start session and have session cookie with 'strict' same-site restriction \ParagonIE\Cookie\Session::start('Strict'); // start session and have session cookie without any same-site restriction \ParagonIE\Cookie\Session::start(null); ``` All three calls respect the settings from PHP's `session_set_cookie_params(...)` function and the configuration options `session.name`, `session.cookie_lifetime`, `session.cookie_path`, `session.cookie_domain`, `session.cookie_secure`, `session.cookie_httponly` and `session.use_cookies`. Likewise, replacements for ``` session_regenerate_id(); // and session_regenerate_id(true); ``` are available via ``` \ParagonIE\Cookie\Session::regenerate(); // and \ParagonIE\Cookie\Session::regenerate(true); ``` if you want protection against session fixation attacks that comes with improved cookie handling. Additionally, access to the current internal session ID is provided via ``` \ParagonIE\Cookie\Session::id(); ``` as a replacement for ``` session_id(); ``` ### Reading and writing session data [](#reading-and-writing-session-data) - Read a value from the session (with optional default value): ``` $value = \ParagonIE\Cookie\Session::get($key); // or $value = \ParagonIE\Cookie\Session::get($key, $defaultValue); ``` - Write a value to the session: ``` \ParagonIE\Cookie\Session::set($key, $value); ``` - Check whether a value exists in the session: ``` if (\ParagonIE\Cookie\Session::has($key)) { // ... } ``` - Remove a value from the session: ``` \ParagonIE\Cookie\Session::delete($key); ``` - Read *and then* immediately remove a value from the session: ``` $value = \ParagonIE\Cookie\Session::take($key); $value = \ParagonIE\Cookie\Session::take($key, $defaultValue); ``` This is often useful for flash messages, e.g. in combination with the `has(...)` method. ### Parsing cookies [](#parsing-cookies) ``` $cookieHeader = 'Set-Cookie: test=php.net; expires=Thu, 09-Jun-2016 16:30:32 GMT; Max-Age=3600; path=/~rasmus/; secure'; $cookieInstance = \ParagonIE\Cookie\Cookie::parse($cookieHeader); ``` Specifications -------------- [](#specifications) - [RFC 2109](https://tools.ietf.org/html/rfc2109) - [RFC 6265](https://tools.ietf.org/html/rfc6265) - [Same-site Cookies](https://tools.ietf.org/html/draft-west-first-party-cookies-07) Contributing ------------ [](#contributing) All contributions are welcome! If you wish to contribute, please create an issue first so that your feature, problem or question can be discussed. License ------- [](#license) This project is licensed under the terms of the [MIT License](https://opensource.org/licenses/MIT). ### Health Score 32 — LowBetter than 72% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity21 Limited adoption so far Community11 Small or concentrated contributor base Maturity64 Established project with proven stability Bus Factor1 Top contributor holds 84.2% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~154 days Recently: every ~337 days Total 10 Last Release 2239d ago Major Versions v1.3.0 → v2.0.02016-07-21 v2.0.0 → v3.0.02016-08-26 PHP version history (3 changes)v1.0.0PHP >=5.3.0 v3.0.0PHP ^7 v3.3.0PHP ^7.1 ### Community Maintainers ![](https://www.gravatar.com/avatar/37a992956f2ceb043547091360fe71dacdd2b227d5450e7022b2a53660ba4e44?d=identicon)[muglug](/maintainers/muglug) --- Top Contributors [![ocram](https://avatars.githubusercontent.com/u/1681478?v=4)](https://github.com/ocram "ocram (32 commits)")[![muglug](https://avatars.githubusercontent.com/u/2292638?v=4)](https://github.com/muglug "muglug (2 commits)")[![paragonie-security](https://avatars.githubusercontent.com/u/15914520?v=4)](https://github.com/paragonie-security "paragonie-security (2 commits)")[![ojhaujjwal](https://avatars.githubusercontent.com/u/4995501?v=4)](https://github.com/ojhaujjwal "ojhaujjwal (1 commits)")[![paragonie-scott](https://avatars.githubusercontent.com/u/11591518?v=4)](https://github.com/paragonie-scott "paragonie-scott (1 commits)") --- Tags httpcookiesxsscookiecsrfsamesitesame-site ### Embed Badge ![Health badge](/badges/muglug-cookie/health.svg) ``` [![Health](https://phpackages.com/badges/muglug-cookie/health.svg)](https://phpackages.com/packages/muglug-cookie) ``` ### Alternatives [delight-im/cookie Modern cookie management for PHP 1681.2M12](/packages/delight-im-cookie)[paragonie/cookie Modern cookie management for PHP 7 5654.3k2](/packages/paragonie-cookie)[aplus/http Aplus Framework HTTP Library 2311.6M10](/packages/aplus-http)[nette/http 🌐 Nette Http: abstraction for HTTP request, response and session. Provides careful data sanitization and utility for URL and cookies manipulation. 48619.2M541](/packages/nette-http)[paragonie/csp-builder Easily add and update Content-Security-Policy headers for your project 5412.8M18](/packages/paragonie-csp-builder)[amphp/http-client-cookies Automatic cookie handling for Amp's HTTP client. 14750.8k12](/packages/amphp-http-client-cookies) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)