PHPackages pinga/cookie - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [HTTP & Networking](/categories/http) 4. / 5. pinga/cookie ActiveLibrary[HTTP & Networking](/categories/http) pinga/cookie ============ Modern cookie management for PHP v0.2(3y ago)06142[1 issues](https://github.com/getpinga/cookie/issues)2MITPHPPHP >=8.1.0 Since Jan 27Pushed 3y agoCompare [ Source](https://github.com/getpinga/cookie)[ Packagist](https://packagist.org/packages/pinga/cookie)[ Docs](https://github.com/getpinga/cookie)[ RSS](/packages/pinga-cookie/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (2)Dependencies (1)Versions (3)Used By (2) Pinga Cookie ============ [](#pinga-cookie) Modern cookie management for PHP Requirements ------------ [](#requirements) - PHP 8.1.0+ Installation ------------ [](#installation) 1. Include the library via Composer [\[?\]](https://github.com/delight-im/Knowledge/blob/master/Composer%20(PHP).md): ``` $ composer require pinga/cookie ``` 2. Include the Composer autoloader: ``` require __DIR__ . '/vendor/autoload.php'; ``` Upgrading --------- [](#upgrading) Migrating from an earlier version of this project? See our [upgrade guide](Migration.md) for help. Usage ----- [](#usage) ### Static method [](#static-method) This library provides a static method that is compatible to PHP’s built-in `setcookie(...)` function but includes support for more recent features such as the `SameSite` attribute: ``` \Delight\Cookie\Cookie::setcookie('SID', '31d4d96e407aad42'); // or \Delight\Cookie\Cookie::setcookie('SID', '31d4d96e407aad42', time() + 3600, '/~rasmus/', 'example.com', true, true, 'Lax'); ``` ### Builder pattern [](#builder-pattern) Instances of the `Cookie` class let you build a cookie conveniently by setting individual properties. This class uses reasonable defaults that may differ from defaults of the `setcookie` function. ``` $cookie = new \Delight\Cookie\Cookie('SID'); $cookie->setValue('31d4d96e407aad42'); $cookie->setMaxAge(60 * 60 * 24); // $cookie->setExpiryTime(time() + 60 * 60 * 24); $cookie->setPath('/~rasmus/'); $cookie->setDomain('example.com'); $cookie->setHttpOnly(true); $cookie->setSecureOnly(true); $cookie->setSameSiteRestriction('Strict'); // echo $cookie; // or $cookie->save(); // or // $cookie->saveAndSet(); ``` The method calls can also be chained: ``` (new \Delight\Cookie\Cookie('SID'))->setValue('31d4d96e407aad42')->setMaxAge(60 * 60 * 24)->setSameSiteRestriction('None')->save(); ``` A cookie can later be deleted simply like this: ``` $cookie->delete(); // or $cookie->deleteAndUnset(); ``` **Note:** For the deletion to work, the cookie must have the same settings as the cookie that was originally saved – except for its value, which doesn’t need to be set. So you should remember to pass appropriate values to `setPath(...)`, `setDomain(...)`, `setHttpOnly(...)` and `setSecureOnly(...)` again. ### Reading cookies [](#reading-cookies) - Checking whether a cookie exists: ``` \Delight\Cookie\Cookie::exists('first_visit'); ``` - Reading a cookie’s value (with optional default value): ``` \Delight\Cookie\Cookie::get('first_visit'); // or \Delight\Cookie\Cookie::get('first_visit', \time()); ``` ### Managing sessions [](#managing-sessions) Using the `Session` class, you can start and resume sessions in a way that is compatible to PHP’s built-in `session_start()` function, while having access to the improved cookie handling from this library as well: ``` // start session and have session cookie with 'lax' same-site restriction \Delight\Cookie\Session::start(); // or \Delight\Cookie\Session::start('Lax'); // start session and have session cookie with 'strict' same-site restriction \Delight\Cookie\Session::start('Strict'); // start session and have session cookie without any same-site restriction \Delight\Cookie\Session::start(null); // or \Delight\Cookie\Session::start('None'); // Chrome 80+ ``` All three calls respect the settings from PHP’s `session_set_cookie_params(...)` function and the configuration options `session.name`, `session.cookie_lifetime`, `session.cookie_path`, `session.cookie_domain`, `session.cookie_secure`, `session.cookie_httponly` and `session.use_cookies`. Likewise, replacements for ``` session_regenerate_id(); // and session_regenerate_id(true); ``` are available via ``` \Delight\Cookie\Session::regenerate(); // and \Delight\Cookie\Session::regenerate(true); ``` if you want protection against session fixation attacks that comes with improved cookie handling. Additionally, access to the current internal session ID is provided via ``` \Delight\Cookie\Session::id(); ``` as a replacement for ``` session_id(); ``` ### Reading and writing session data [](#reading-and-writing-session-data) - Read a value from the session (with optional default value): ``` $value = \Delight\Cookie\Session::get($key); // or $value = \Delight\Cookie\Session::get($key, $defaultValue); ``` - Write a value to the session: ``` \Delight\Cookie\Session::set($key, $value); ``` - Check whether a value exists in the session: ``` if (\Delight\Cookie\Session::has($key)) { // ... } ``` - Remove a value from the session: ``` \Delight\Cookie\Session::delete($key); ``` - Read *and then* immediately remove a value from the session: ``` $value = \Delight\Cookie\Session::take($key); $value = \Delight\Cookie\Session::take($key, $defaultValue); ``` This is often useful for flash messages, e.g. in combination with the `has(...)` method. ### Parsing cookies [](#parsing-cookies) ``` $cookieHeader = 'Set-Cookie: test=php.net; expires=Thu, 09-Jun-2016 16:30:32 GMT; Max-Age=3600; path=/~rasmus/; secure'; $cookieInstance = \Delight\Cookie\Cookie::parse($cookieHeader); ``` Specifications -------------- [](#specifications) - [RFC 2109](https://tools.ietf.org/html/rfc2109) - [RFC 6265](https://tools.ietf.org/html/rfc6265) - [Same-site Cookies](https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-04) (formerly [2016-06-20](https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00) and [2016-04-06](https://tools.ietf.org/html/draft-west-first-party-cookies-07)) - [Amendment](https://tools.ietf.org/html/draft-west-cookie-incrementalism-00): [Default to `Lax`](https://chromestatus.com/feature/5088147346030592) and [require `secure` attribute for `None`](https://chromestatus.com/feature/5633521622188032) (Note: There are [incompatible clients](https://www.chromium.org/updates/same-site/incompatible-clients)) Contributing ------------ [](#contributing) All contributions are welcome! If you wish to contribute, please create an issue first so that your feature, problem or question can be discussed. License ------- [](#license) This project is licensed under the terms of the [MIT License](https://opensource.org/licenses/MIT). ### Health Score 26 — LowBetter than 43% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity18 Limited adoption so far Community16 Small or concentrated contributor base Maturity45 Maturing project, gaining track record Bus Factor1 Top contributor holds 82.2% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~40 days Total 2 Last Release 1166d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/f8f87416e80fdfb906a1e9d206c9a20584ae27bdd20815170b69efd49e8e9436?d=identicon)[getpinga](/maintainers/getpinga) --- Top Contributors [![ocram](https://avatars.githubusercontent.com/u/1681478?v=4)](https://github.com/ocram "ocram (97 commits)")[![getpinga](https://avatars.githubusercontent.com/u/121483313?v=4)](https://github.com/getpinga "getpinga (18 commits)")[![LeSuisse](https://avatars.githubusercontent.com/u/737767?v=4)](https://github.com/LeSuisse "LeSuisse (2 commits)")[![Synchro](https://avatars.githubusercontent.com/u/81561?v=4)](https://github.com/Synchro "Synchro (1 commits)") --- Tags httpcookiescookie ### Embed Badge ![Health badge](/badges/pinga-cookie/health.svg) ``` [![Health](https://phpackages.com/badges/pinga-cookie/health.svg)](https://phpackages.com/packages/pinga-cookie) ``` ### Alternatives [nette/http 🌐 Nette Http: abstraction for HTTP request, response and session. Provides careful data sanitization and utility for URL and cookies manipulation. 48819.2M541](/packages/nette-http)[delight-im/cookie Modern cookie management for PHP 1681.2M12](/packages/delight-im-cookie)[aplus/http Aplus Framework HTTP Library 2311.6M10](/packages/aplus-http)[paragonie/cookie Modern cookie management for PHP 7 5654.3k2](/packages/paragonie-cookie)[amphp/http-client-cookies Automatic cookie handling for Amp's HTTP client. 14750.8k12](/packages/amphp-http-client-cookies) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)