Cookie object to build a cookie and turn it into a header value
An HTTP cookie (also called web cookie, Internet cookie, browser cookie or simply cookie) is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing.
Cookies were designed to be a reliable mechanism for websites to remember stateful information (such as items added in the shopping cart in an online store) or to record the user's browsing activity (including clicking particular buttons, logging in, or recording which pages were visited in the past). They can also be used to remember arbitrary pieces of information that the user previously entered into form fields such as names, and preferences.
Cookie objects are immutable, and you must re-assign variables when modifying cookie objects:
$cookie = $cookie->withValue('0');
string
'D, d-M-Y H:i:s T'
Expires attribute format.
string
'Lax'
SameSite attribute value: Lax
string
'None'
SameSite attribute value: None
string
'Strict'
SameSite attribute value: Strict
array<string>
[self::SAMESITE_LAX, self::SAMESITE_STRICT, self::SAMESITE_NONE]
Valid values for "SameSite" attribute.
array<string, mixed>
Default attributes for a cookie.
string
Domain
DateTimeDateTimeImmutable|null
Expiration time
bool
HTTP only
bool
Whether a JSON value has been expanded into an array.
string
Cookie name
string
Path
string|null
Samesite
bool
Secure
array|string
Raw Cookie value.
Constructor
Explode method to return array from string set in CookieComponent::_flatten() Maintains reading backwards compatibility with 1.x CookieComponent::_flatten().
Implode method to keep keys are multidimensional arrays
Setter for the value attribute.
Checks if a value exists in the cookie data.
Factory method to create Cookie instances.
Create Cookie instance from "set-cookie" header string.
Converts non null expiry value into DateTimeInterface instance.
Get the domain attribute.
Get the timestamp from the expiration time
Get the current expiry time
Builds the expiration value part of the header string
Get the id for a cookie
Gets the cookie name
Get cookie options
Get the path attribute.
Get the SameSite attribute.
Gets the cookie value as scalar.
Gets the cookie value as a string.
Gets the cookie value
Checks if the cookie value was expanded
Check if a cookie is expired when compared to $time
Check if the cookie is HTTP only
Check if the cookie is secure
Read data from the cookie
Set default options for the cookies.
Get cookie data as array.
Returns a header value as string
Validates the cookie name
Check that value passed for SameSite is valid.
Create a new cookie with updated data.
Create a cookie with an updated domain
Create a new cookie that will expire/delete the cookie from the browser.
Create a cookie with an updated expiration date
Create a cookie with HTTP Only updated
Sets the cookie name
Create a new cookie that will virtually never expire.
Create a new cookie with an updated path
Create a cookie with an updated SameSite option.
Create a cookie with Secure updated
Create a cookie with an updated value.
Create a new cookie without a specific path
__construct(string $name, array|string $value = '', DateTimeDateTimeImmutable|null $expiresAt = null, string|null $path = null, string|null $domain = null, bool|null $secure = null, bool|null $httpOnly = null, string|null $sameSite = null)
Constructor
The constructors args are similar to the native PHP setcookie()
method. The only difference is the 3rd argument which excepts null or an DateTime or DateTimeImmutable object instead an integer.
string
$name Cookie name
array|string
$value optional Value of the cookie
DateTimeDateTimeImmutable|null
$expiresAt optional Expiration time and date
string|null
$path optional Path
string|null
$domain optional Domain
bool|null
$secure optional Is secure
bool|null
$httpOnly optional HTTP Only
string|null
$sameSite optional Samesite
_expand(string $string): array|string
Explode method to return array from string set in CookieComponent::_flatten() Maintains reading backwards compatibility with 1.x CookieComponent::_flatten().
string
$string A string containing JSON encoded data, or a bare string.
array|string
_flatten(array $array): string
Implode method to keep keys are multidimensional arrays
array
$array Map of key and values
string
_setValue(array|string $value): void
Setter for the value attribute.
array|string
$value The value to store.
void
check(string $path): bool
Checks if a value exists in the cookie data.
This method will expand serialized complex data, on first use.
string
$path Path to check
bool
create(string $name, array|string $value, array<string, mixed> $options = []): static
Factory method to create Cookie instances.
string
$name Cookie name
array|string
$value Value of the cookie
array<string, mixed>
$options optional Cookies options.
static
createFromHeaderString(string $cookie, array<string, mixed> $defaults = []): static
Create Cookie instance from "set-cookie" header string.
string
$cookie Cookie header string.
array<string, mixed>
$defaults optional Default attributes.
static
dateTimeInstance(mixed $expires): DateTimeDatetimeImmutable|null
Converts non null expiry value into DateTimeInterface instance.
mixed
$expires Expiry value.
DateTimeDatetimeImmutable|null
getDomain(): string
Get the domain attribute.
string
getExpiresTimestamp(): int|null
Get the timestamp from the expiration time
int|null
getExpiry(): DateTimeDateTimeImmutable|null
Get the current expiry time
DateTimeDateTimeImmutable|null
getFormattedExpires(): string
Builds the expiration value part of the header string
string
getId(): string
Get the id for a cookie
Cookies are unique across name, domain, path tuples.
string
getName(): string
Gets the cookie name
string
getOptions(): array<string, mixed>
Get cookie options
array<string, mixed>
getPath(): string
Get the path attribute.
string
getSameSite(): string|null
Get the SameSite attribute.
string|null
getScalarValue(): mixed
Gets the cookie value as scalar.
This will collapse any complex data in the cookie with json_encode()
mixed
getStringValue(): mixed
Gets the cookie value as a string.
This will collapse any complex data in the cookie with json_encode()
mixed
getValue(): array|string
Gets the cookie value
array|string
isExpanded(): bool
Checks if the cookie value was expanded
bool
isExpired(DateTimeDateTimeImmutable $time = null): bool
Check if a cookie is expired when compared to $time
Cookies without an expiration date always return false.
DateTimeDateTimeImmutable
$time optional bool
isHttpOnly(): bool
Check if the cookie is HTTP only
bool
isSecure(): bool
Check if the cookie is secure
bool
read(string|null $path = null): mixed
Read data from the cookie
This method will expand serialized complex data, on first use.
string|null
$path optional Path to read the data from
mixed
setDefaults(array<string, mixed> $options): void
Set default options for the cookies.
Valid option keys are:
expires
: Can be a UNIX timestamp or strtotime()
compatible string or DateTimeInterface
instance or null
.path
: A path string. Defauts to '/'
.domain
: Domain name string. Defaults to ''
.httponly
: Boolean. Defaults to false
.secure
: Boolean. Defaults to false
.samesite
: Can be one of CookieInterface::SAMESITE_LAX
, CookieInterface::SAMESITE_STRICT
, CookieInterface::SAMESITE_NONE
or null
. Defaults to null
.array<string, mixed>
$options Default options.
void
toArray(): array<string, mixed>
Get cookie data as array.
array<string, mixed>
toHeaderValue(): string
Returns a header value as string
string
validateName(string $name): void
Validates the cookie name
string
$name Name of the cookie
void
InvalidArgumentException
validateSameSiteValue(string $sameSite): void
Check that value passed for SameSite is valid.
string
$sameSite SameSite value
void
InvalidArgumentException
withAddedValue(string $path, mixed $value): static
Create a new cookie with updated data.
string
$path Path to write to
mixed
$value Value to write
static
withDomain(string $domain): static
Create a cookie with an updated domain
string
$domain static
withExpired(): static
Create a new cookie that will expire/delete the cookie from the browser.
This is done by setting the expiration time to 1 year ago
static
withExpiry(DateTimeDateTimeImmutable $dateTime): static
Create a cookie with an updated expiration date
DateTimeDateTimeImmutable
$dateTime static
withHttpOnly(bool $httpOnly): static
Create a cookie with HTTP Only updated
bool
$httpOnly static
withName(string $name): static
Sets the cookie name
string
$name static
withNeverExpire(): static
Create a new cookie that will virtually never expire.
static
withPath(string $path): static
Create a new cookie with an updated path
string
$path static
withSameSite(string|null $sameSite): static
Create a cookie with an updated SameSite option.
string|null
$sameSite static
withSecure(bool $secure): static
Create a cookie with Secure updated
bool
$secure static
withValue(array|string $value): static
Create a cookie with an updated value.
array|string
$value static
withoutAddedValue(string $path): static
Create a new cookie without a specific path
string
$path Path to remove
static
Default attributes for a cookie.
array<string, mixed>
Domain
string
Expiration time
DateTimeDateTimeImmutable|null
HTTP only
bool
Whether a JSON value has been expanded into an array.
bool
Cookie name
string
Path
string
Samesite
string|null
Secure
bool
Raw Cookie value.
array|string
© 2005–present The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
https://api.cakephp.org/4.4/class-Cake.Http.Cookie.Cookie.html