W3cubDocs

/CakePHP 4.1

Class Cookie

Cookie object to build a cookie and turn it into a header value

An HTTP cookie (also called web cookie, Internet cookie, browser cookie or simply cookie) is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing.

Cookies were designed to be a reliable mechanism for websites to remember stateful information (such as items added in the shopping cart in an online store) or to record the user's browsing activity (including clicking particular buttons, logging in, or recording which pages were visited in the past). They can also be used to remember arbitrary pieces of information that the user previously entered into form fields such as names, and preferences.

Cookie objects are immutable, and you must re-assign variables when modifying cookie objects:

$cookie = $cookie->withValue('0');
Namespace: Cake\Http\Cookie

Constants summary

  • string
    EXPIRES_FORMAT
    'D, d-M-Y H:i:s T'
  • string
    SAMESITE_LAX
    'Lax'
  • string
    SAMESITE_NONE
    'None'
  • string
    SAMESITE_STRICT
    'Strict'
  • string[]
    SAMESITE_VALUES
    [self::SAMESITE_LAX, self::SAMESITE_STRICT, self::SAMESITE_NONE]

Properties summary

  • $defaults protected static
    array

    Default attributes for a cookie.

  • $domain protected
    string

    Domain

  • $expiresAt protected
    \DateTime|\DateTimeImmutable|null

    Expiration time

  • $httpOnly protected
    bool

    HTTP only

  • $isExpanded protected
    bool

    Whether or not a JSON value has been expanded into an array.

  • $name protected
    string

    Cookie name

  • $path protected
    string

    Path

  • $sameSite protected
    string|null

    Samesite

  • $secure protected
    bool

    Secure

  • $value protected
    string|array

    Raw Cookie value.

Method Summary

Method Detail

__construct() public

__construct(string $name, mixed $value, ?\DateTimeInterface $expiresAt, ?string $path, ?string $domain, ?bool $secure, ?bool $httpOnly, ?string $sameSite)

Constructor

The constructors args are similar to the native PHP setcookie() method. The only difference is the 3rd argument which excepts null or an DateTime or DateTimeImmutable object instead an integer.

Parameters

string $name

Cookie name

string|array $value optional

Value of the cookie

\DateTime|\DateTimeImmutable|null $expiresAt optional

Expiration time and date

string|null $path optional

Path

string|null $domain optional

Domain

bool|null $secure optional

Is secure

bool|null $httpOnly optional

HTTP Only

string|null $sameSite optional

Samesite

Links

_expand() protected

_expand(string $string)

Explode method to return array from string set in CookieComponent::_flatten() Maintains reading backwards compatibility with 1.x CookieComponent::_flatten().

Parameters

string $string

A string containing JSON encoded data, or a bare string.

Returns

string|array

Map of key and values

_flatten() protected

_flatten(array $array)

Implode method to keep keys are multidimensional arrays

Parameters

array $array

Map of key and values

Returns

string

A JSON encoded string.

_setValue() protected

_setValue(mixed $value)

Setter for the value attribute.

Parameters

string|array $value

The value to store.

check() public

check(string $path)

Checks if a value exists in the cookie data.

This method will expand serialized complex data, on first use.

Parameters

string $path

Path to check

Returns

bool

create() public static

create(string $name, mixed $value, array $options)

Factory method to create Cookie instances.

Parameters

string $name

Cookie name

string|array $value

Value of the cookie

array $options optional

Cookies options.

Returns

static

See Also

\Cake\Cookie\Cookie::setDefaults()

createFromHeaderString() public static

createFromHeaderString(string $cookie, array $defaults)

Create Cookie instance from "set-cookie" header string.

Parameters

string $cookie

Cookie header string.

array $defaults optional

Default attributes.

Returns

static

See Also

\Cake\Cookie\Cookie::setDefaults()

dateTimeInstance() protected static

dateTimeInstance(mixed $expires)

Converts non null expiry value into DateTimeInterface instance.

Parameters

mixed $expires

Expiry value.

Returns

\DateTimeInterface|null

getDomain() public

getDomain()

Get the domain attribute.

Returns

string

getExpiresTimestamp() public

getExpiresTimestamp()

Get the timestamp from the expiration time

Returns

int|null

The expiry time as an integer.

getExpiry() public

getExpiry()

Get the current expiry time

Returns

\DateTime|\DateTimeImmutable|null

Timestamp of expiry or null

getFormattedExpires() public

getFormattedExpires()

Builds the expiration value part of the header string

Returns

string

getId() public

getId()

Get the id for a cookie

Cookies are unique across name, domain, path tuples.

Returns

string

getName() public

getName()

Gets the cookie name

Returns

string

getOptions() public

getOptions()

Get cookie options

Returns

array

getPath() public

getPath()

Get the path attribute.

Returns

string

getSameSite() public

getSameSite()

Get the SameSite attribute.

Returns

string|null

getScalarValue() public

getScalarValue()

Gets the cookie value as scalar.

This will collapse any complex data in the cookie with json_encode()

Returns

mixed

getStringValue() public

getStringValue()

Gets the cookie value as a string.

This will collapse any complex data in the cookie with json_encode()

Returns

mixed

getValue() public

getValue()

Gets the cookie value

Returns

string|array

isExpanded() public

isExpanded()

Checks if the cookie value was expanded

Returns

bool

isExpired() public

isExpired(mixed $time)

Check if a cookie is expired when compared to $time

Cookies without an expiration date always return false.

Parameters

\DateTime|\DateTimeImmutable $time optional

The time to test against. Defaults to 'now' in UTC.

Returns

bool

isHttpOnly() public

isHttpOnly()

Check if the cookie is HTTP only

Returns

bool

isSecure() public

isSecure()

Check if the cookie is secure

Returns

bool

read() public

read(?string $path)

Read data from the cookie

This method will expand serialized complex data, on first use.

Parameters

string $path optional

Path to read the data from

Returns

mixed

setDefaults() public static

setDefaults(array $options)

Set default options for the cookies.

Valid option keys are:

  • expires: Can be a UNIX timestamp or strtotime() compatible string or DateTimeInterface instance or null.
  • path: A path string. Defauts to '/'.
  • domain: Domain name string. Defaults to ''.
  • httponly: Boolean. Defaults to false.
  • secure: Boolean. Defaults to false.
  • samesite: Can be one of CookieInterface::SAMESITE_LAX, CookieInterface::SAMESITE_STRICT, CookieInterface::SAMESITE_NONE or null. Defaults to null.

Parameters

array $options

Default options.

toArray() public

toArray()

Get cookie data as array.

Returns

array

With keys name, value, expires etc. options.

toHeaderValue() public

toHeaderValue()

Returns a header value as string

Returns

string

validateName() protected

validateName(string $name)

Validates the cookie name

Parameters

string $name

Name of the cookie

Throws

InvalidArgumentException

Links

validateSameSiteValue() protected static

validateSameSiteValue(string $sameSite)

Check that value passed for SameSite is valid.

Parameters

string $sameSite

SameSite value

Throws

InvalidArgumentException

withAddedValue() public

withAddedValue(string $path, mixed $value)

Create a new cookie with updated data.

Parameters

string $path

Path to write to

mixed $value

Value to write

Returns

static

withDomain() public

withDomain(string $domain)

Create a cookie with an updated domain

Parameters

string $domain

Domain to set

Returns

static

withExpired() public

withExpired()

Create a new cookie that will expire/delete the cookie from the browser.

This is done by setting the expiration time to 1 year ago

Returns

static

withExpiry() public

withExpiry(mixed $dateTime)

Create a cookie with an updated expiration date

Parameters

\DateTime|\DateTimeImmutable $dateTime

Date time object

Returns

static

withHttpOnly() public

withHttpOnly(bool $httpOnly)

Create a cookie with HTTP Only updated

Parameters

bool $httpOnly

HTTP Only

Returns

static

withName() public

withName(string $name)

Sets the cookie name

Parameters

string $name

Name of the cookie

Returns

static

withNeverExpire() public

withNeverExpire()

Create a new cookie that will virtually never expire.

Returns

static

withPath() public

withPath(string $path)

Create a new cookie with an updated path

Parameters

string $path

Sets the path

Returns

static

withSameSite() public

withSameSite(?string $sameSite)

Create a cookie with an updated SameSite option.

Parameters

string|null $sameSite

Value for to set for Samesite option. One of CookieInterface::SAMESITE_* constants.

Returns

static

withSecure() public

withSecure(bool $secure)

Create a cookie with Secure updated

Parameters

bool $secure

Secure attribute value

Returns

static

withValue() public

withValue(mixed $value)

Create a cookie with an updated value.

Parameters

string|array $value

Value of the cookie to set

Returns

static

withoutAddedValue() public

withoutAddedValue(string $path)

Create a new cookie without a specific path

Parameters

string $path

Path to remove

Returns

static

Property Detail

$defaults protected static

Default attributes for a cookie.

Type

array

$domain protected

Domain

Type

string

$expiresAt protected

Expiration time

Type

\DateTime|\DateTimeImmutable|null

$httpOnly protected

HTTP only

Type

bool

$isExpanded protected

Whether or not a JSON value has been expanded into an array.

Type

bool

$name protected

Cookie name

Type

string

$path protected

Path

Type

string

$sameSite protected

Samesite

Type

string|null

$secure protected

Secure

Type

bool

$value protected

Raw Cookie value.

Type

string|array

© 2005–present The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
https://api.cakephp.org/4.1/class-Cake.Http.Cookie.Cookie.html