Class Cookie

Cookie object to build a cookie and turn it into a header value

An HTTP cookie (also called web cookie, Internet cookie, browser cookie or simply cookie) is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing.

Cookies were designed to be a reliable mechanism for websites to remember stateful information (such as items added in the shopping cart in an online store) or to record the user's browsing activity (including clicking particular buttons, logging in, or recording which pages were visited in the past). They can also be used to remember arbitrary pieces of information that the user previously entered into form fields such as names, and preferences.

Cookie objects are immutable, and you must re-assign variables when modifying cookie objects:

$cookie = $cookie->withValue('0');

Namespace: Cake\Http\Cookie
See: Cake\Http\Cookie\CookieCollection for working with collections of cookies.
See: Cake\Http\Response::getCookieCollection() for working with response cookies.
Link: https://tools.ietf.org/html/rfc6265
Link: https://en.wikipedia.org/wiki/HTTP_cookie

Constants

string

EXPIRES_FORMAT ¶
```
'D, d-M-Y H:i:s T'
```
Expires attribute format.

Property Summary

$domain protected

string

Domain
$expiresAt protected

DateTime|DateTimeImmutable|null

Expiration time
$httpOnly protected

bool

HTTP only
$isExpanded protected

bool

Whether or not a JSON value has been expanded into an array.
$name protected

string

Cookie name
$path protected

string

Path
$secure protected

bool

Secure
$value protected

string|array

Raw Cookie value.

Method Summary

__construct() public

Constructor
_expand() protected

Explode method to return array from string set in CookieComponent::_flatten() Maintains reading backwards compatibility with 1.x CookieComponent::_flatten().
_flatten() protected

Implode method to keep keys are multidimensional arrays
_setValue() protected

Setter for the value attribute.
check() public

Checks if a value exists in the cookie data.
getDomain() public

Get the domain attribute.
getExpiresTimestamp() public

Get the timestamp from the expiration time
getExpiry() public

Get the current expiry time
getFormattedExpires() public

Builds the expiration value part of the header string
getId() public

Get the id for a cookie
getName() public

Gets the cookie name
getPath() public

Get the path attribute.
getStringValue() public

Gets the cookie value as a string.
getValue() public

Gets the cookie value
isExpanded() public

Checks if the cookie value was expanded
isExpired() public

Check if a cookie is expired when compared to $time
isHttpOnly() public

Check if the cookie is HTTP only
isSecure() public

Check if the cookie is secure
read() public

Read data from the cookie
toHeaderValue() public

Returns a header value as string
validateBool() protected

Validate that an argument is a boolean
validateName() protected

Validates the cookie name
validateString() protected

Validate that an argument is a string
withAddedValue() public

Create a new cookie with updated data.
withDomain() public

Create a cookie with an updated domain
withExpired() public

Create a new cookie that will expire/delete the cookie from the browser.
withExpiry() public

Create a cookie with an updated expiration date
withHttpOnly() public

Create a cookie with HTTP Only updated
withName() public

Sets the cookie name
withNeverExpire() public

Create a new cookie that will virtually never expire.
withPath() public

Create a new cookie with an updated path
withSecure() public

Create a cookie with Secure updated
withValue() public

Create a cookie with an updated value.
withoutAddedValue() public

Create a new cookie without a specific path

Method Detail

__construct() ¶ public

__construct(string $name, string|array $value = '', DateTime|DateTimeImmutable|null $expiresAt = null, string $path = '/', string $domain = '', bool $secure = false, bool $httpOnly = false)

Constructor

The constructors args are similar to the native PHP setcookie() method. The only difference is the 3rd argument which excepts null or an DateTime or DateTimeImmutable object instead an integer.

Parameters

string $name: Cookie name
string|array $value optional: Value of the cookie
DateTime|DateTimeImmutable|null $expiresAt optional: Expiration time and date
string $path optional: Path
string $domain optional: Domain
bool $secure optional: Is secure
bool $httpOnly optional: HTTP Only

Links

http://php.net/manual/en/function.setcookie.php

_expand() ¶ protected

_expand(string $string): string|array

Explode method to return array from string set in CookieComponent::_flatten() Maintains reading backwards compatibility with 1.x CookieComponent::_flatten().

Parameters

string $string: A string containing JSON encoded data, or a bare string.

Returns

string|array

_flatten() ¶ protected

_flatten(array $array): string

Implode method to keep keys are multidimensional arrays

Parameters

array $array: Map of key and values

Returns

string

_setValue() ¶ protected

_setValue(mixed $value): void

Setter for the value attribute.

Parameters

mixed $value: The value to store.

Returns

void

check() ¶ public

check(string $path): bool

Checks if a value exists in the cookie data.

This method will expand serialized complex data, on first use.

Parameters

string $path: Path to check

Returns

bool

getDomain() ¶ public

getDomain(): string

Get the domain attribute.

Returns

string

getExpiresTimestamp() ¶ public

getExpiresTimestamp(): string|null

Get the timestamp from the expiration time

Timestamps are strings as large timestamps can overflow MAX_INT in 32bit systems.

Returns

string|null

getExpiry() ¶ public

getExpiry(): DateTime|DateTimeImmutable|null

Get the current expiry time

Returns

DateTime|DateTimeImmutable|null

getFormattedExpires() ¶ public

getFormattedExpires(): string

Builds the expiration value part of the header string

Returns

string

getId() ¶ public

getId(): string

Get the id for a cookie

Cookies are unique across name, domain, path tuples.

Returns

string

getName() ¶ public

getName(): string

Gets the cookie name

Returns

string

getPath() ¶ public

getPath(): string

Get the path attribute.

Returns

string

getStringValue() ¶ public

getStringValue(): string

Gets the cookie value as a string.

This will collapse any complex data in the cookie with json_encode()

Returns

string

getValue() ¶ public

getValue(): string|array

Gets the cookie value

Returns

string|array

isExpanded() ¶ public

isExpanded(): bool

Checks if the cookie value was expanded

Returns

bool

isExpired() ¶ public

isExpired(DateTime|DateTimeImmutable $time = null): bool

Check if a cookie is expired when compared to $time

Cookies without an expiration date always return false.

Parameters

DateTime|DateTimeImmutable $time optional

Returns

bool

isHttpOnly() ¶ public

isHttpOnly(): bool

Check if the cookie is HTTP only

Returns

bool

isSecure() ¶ public

isSecure(): bool

Check if the cookie is secure

Returns

bool

read() ¶ public

read(string $path = null): mixed

Read data from the cookie

This method will expand serialized complex data, on first use.

Parameters

string $path optional: Path to read the data from

Returns

mixed

toHeaderValue() ¶ public

toHeaderValue(): string

Returns a header value as string

Returns

string

validateBool() ¶ protected

validateBool(bool $value): void

Validate that an argument is a boolean

Parameters

bool $value: The value to validate.

Returns

void

Throws

InvalidArgumentException

validateName() ¶ protected

validateName(string $name): void

Validates the cookie name

Parameters

string $name: Name of the cookie

Returns

void

Throws

InvalidArgumentException

Links

https://tools.ietf.org/html/rfc2616#section-2.2 Rules for naming cookies.

validateString() ¶ protected

validateString(string $value): void

Validate that an argument is a string

Parameters

string $value: The value to validate.

Returns

void

Throws

InvalidArgumentException

withAddedValue() ¶ public

withAddedValue(string $path, mixed $value): static

Create a new cookie with updated data.

Parameters

string $path: Path to write to
mixed $value: Value to write

Returns

static

withDomain() ¶ public

withDomain(string $domain): static

Create a cookie with an updated domain

Parameters

string $domain

Returns

static

withExpired() ¶ public

withExpired(): static

Create a new cookie that will expire/delete the cookie from the browser.

This is done by setting the expiration time to 1 year ago

Returns

static

withExpiry() ¶ public

withExpiry(DateTime|DateTimeImmutable $dateTime): static

Create a cookie with an updated expiration date

Parameters

DateTime|DateTimeImmutable $dateTime

Returns

static

withHttpOnly() ¶ public

withHttpOnly(bool $httpOnly): static

Create a cookie with HTTP Only updated

Parameters

bool $httpOnly

Returns

static

withName() ¶ public

withName(string $name): static

Sets the cookie name

Parameters

string $name

Returns

static

withNeverExpire() ¶ public

withNeverExpire(): static

Create a new cookie that will virtually never expire.

Returns

static

withPath() ¶ public

withPath(string $path): static

Create a new cookie with an updated path

Parameters

string $path

Returns

static

withSecure() ¶ public

withSecure(bool $secure): static

Create a cookie with Secure updated

Parameters

bool $secure

Returns

static

withValue() ¶ public

withValue(string|array $value): static

Create a cookie with an updated value.

Parameters

string|array $value

Returns

static

withoutAddedValue() ¶ public

withoutAddedValue(string $path): static

Create a new cookie without a specific path

Parameters

string $path: Path to remove

Returns

static

Property Detail

`$domain` ¶ protected

Domain

Type

string

`$expiresAt` ¶ protected

Expiration time

Type

DateTime|DateTimeImmutable|null

`$httpOnly` ¶ protected

HTTP only

Type

bool

`$isExpanded` ¶ protected

Whether or not a JSON value has been expanded into an array.

Type

bool

`$name` ¶ protected

Cookie name

Type

string

`$path` ¶ protected

Path

Type

string

`$secure` ¶ protected

Secure

Type

bool

`$value` ¶ protected

Raw Cookie value.

Type

string|array

Namespaces

Class Cookie

Constants

Property Summary

Method Summary

__construct() public

_expand() protected

_flatten() protected

_setValue() protected

check() public

getDomain() public

getExpiresTimestamp() public

getExpiry() public

getFormattedExpires() public

getId() public

getName() public

getPath() public

getStringValue() public

getValue() public

isExpanded() public

isExpired() public

isHttpOnly() public

isSecure() public

read() public

toHeaderValue() public

validateBool() protected

validateName() protected

validateString() protected

withAddedValue() public

withDomain() public

withExpired() public

withExpiry() public

withHttpOnly() public

withName() public

withNeverExpire() public

withPath() public

withSecure() public

withValue() public

withoutAddedValue() public

Method Detail

__construct() ¶ public

Parameters

Links

_expand() ¶ protected

Parameters

Returns

_flatten() ¶ protected

Parameters

Returns

_setValue() ¶ protected

Parameters

Returns

check() ¶ public

Parameters

Returns

getDomain() ¶ public

Returns

getExpiresTimestamp() ¶ public

Returns

getExpiry() ¶ public

Returns

getFormattedExpires() ¶ public

Returns

getId() ¶ public

Returns

getName() ¶ public

Returns

getPath() ¶ public

Returns

getStringValue() ¶ public

Returns

getValue() ¶ public

Returns

isExpanded() ¶ public

Returns

isExpired() ¶ public

Parameters

Returns

isHttpOnly() ¶ public

Returns

`$domain` ¶ protected

`$expiresAt` ¶ protected

`$httpOnly` ¶ protected

`$isExpanded` ¶ protected

`$name` ¶ protected

`$path` ¶ protected

`$secure` ¶ protected