Class Cookie
Cookie object to build a cookie and turn it into a header value
An HTTP cookie (also called web cookie, Internet cookie, browser cookie or simply cookie) is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing.
Cookies were designed to be a reliable mechanism for websites to remember stateful information (such as items added in the shopping cart in an online store) or to record the user's browsing activity (including clicking particular buttons, logging in, or recording which pages were visited in the past). They can also be used to remember arbitrary pieces of information that the user previously entered into form fields such as names, and preferences.
Cookie objects are immutable, and you must re-assign variables when modifying cookie objects:
$cookie = $cookie->withValue('0');
Constants summary
-
string
EXPIRES_FORMAT'D, d-M-Y H:i:s T'
-
string
SAMESITE_LAX'Lax'
-
string
SAMESITE_NONE'None'
-
string
SAMESITE_STRICT'Strict'
-
string[]
SAMESITE_VALUES[self::SAMESITE_LAX, self::SAMESITE_STRICT, self::SAMESITE_NONE]
Properties summary
- $domain protected
string
Domain
- $expiresAt protected
\DateTime|\DateTimeImmutable|null
Expiration time
- $httpOnly protected
bool
HTTP only
- $isExpanded protected
bool
Whether or not a JSON value has been expanded into an array.
- $name protected
string
Cookie name
- $path protected
string
Path
- $sameSite protected
string|null
Samesite
- $secure protected
bool
Secure
- $value protected
string|array
Raw Cookie value.
Method Summary
- _expand() protected
Explode method to return array from string set in CookieComponent::_flatten() Maintains reading backwards compatibility with 1.x CookieComponent::_flatten().
Method Detail
__construct() public
__construct(mixed $name, mixed $value, mixed $expiresAt, mixed $path, mixed $domain, mixed $secure, mixed $httpOnly, mixed $sameSite)
Constructor
The constructors args are similar to the native PHP setcookie()
method. The only difference is the 3rd argument which excepts null or an DateTime or DateTimeImmutable object instead an integer.
Parameters
-
string
$name Cookie name
-
string|array
$value optional Value of the cookie
-
\DateTime|\DateTimeImmutable|null
$expiresAt optional Expiration time and date
-
string
$path optional Path
-
string
$domain optional Domain
-
bool
$secure optional Is secure
-
bool
$httpOnly optional HTTP Only
-
string|null
$sameSite optional Samesite
Throws
InvalidArgumentException
If an invalid value is passed for any of the arguments.
Links
_expand() protected
_expand(mixed $string)
Explode method to return array from string set in CookieComponent::_flatten() Maintains reading backwards compatibility with 1.x CookieComponent::_flatten().
Parameters
-
string
$string A string containing JSON encoded data, or a bare string.
Returns
string|array
Map of key and values
_flatten() protected
_flatten(array $array)
Implode method to keep keys are multidimensional arrays
Parameters
-
array
$array Map of key and values
Returns
string
A json encoded string.
_setValue() protected
_setValue(mixed $value)
Setter for the value attribute.
Parameters
-
mixed
$value The value to store.
check() public
check(mixed $path)
Checks if a value exists in the cookie data.
This method will expand serialized complex data, on first use.
Parameters
-
string
$path Path to check
Returns
bool
getDomain() public
getDomain()
Get the domain attribute.
Returns
string
getExpiresTimestamp() public
getExpiresTimestamp()
Get the timestamp from the expiration time
Timestamps are strings as large timestamps can overflow MAX_INT in 32bit systems.
Returns
string|null
The expiry time as a string timestamp.
getExpiry() public
getExpiry()
Get the current expiry time
Returns
\DateTime|\DateTimeImmutable|null
Timestamp of expiry or null
getFormattedExpires() public
getFormattedExpires()
Builds the expiration value part of the header string
Returns
string
getId() public
getId()
Get the id for a cookie
Cookies are unique across name, domain, path tuples.
Returns
string
getName() public
getName()
Gets the cookie name
Returns
string
getPath() public
getPath()
Get the path attribute.
Returns
string
getSameSite() public
getSameSite()
Get the SameSite attribute.
Returns
string|null
getStringValue() public
getStringValue()
Gets the cookie value as a string.
This will collapse any complex data in the cookie with json_encode()
Returns
string
getValue() public
getValue()
Gets the cookie value
Returns
string|array
isExpanded() public
isExpanded()
Checks if the cookie value was expanded
Returns
bool
isExpired() public
isExpired(mixed $time)
Check if a cookie is expired when compared to $time
Cookies without an expiration date always return false.
Parameters
-
\DateTime|\DateTimeImmutable
$time optional The time to test against. Defaults to 'now' in UTC.
Returns
bool
isHttpOnly() public
isHttpOnly()
Check if the cookie is HTTP only
Returns
bool
isSecure() public
isSecure()
Check if the cookie is secure
Returns
bool
read() public
read(mixed $path)
Read data from the cookie
This method will expand serialized complex data, on first use.
Parameters
-
string
$path optional Path to read the data from
Returns
mixed
toHeaderValue() public
toHeaderValue()
Returns a header value as string
Returns
string
validateBool() protected
validateBool(mixed $value)
Validate that an argument is a boolean
Parameters
-
bool
$value The value to validate.
Throws
InvalidArgumentException
validateName() protected
validateName(mixed $name)
Validates the cookie name
Parameters
-
string
$name Name of the cookie
Throws
InvalidArgumentException
Links
Rules for naming cookies.
validateSameSiteValue() protected static
validateSameSiteValue(mixed $sameSite)
Check that value passed for SameSite is valid.
Parameters
-
string
$sameSite SameSite value
Throws
InvalidArgumentException
validateString() protected
validateString(mixed $value)
Validate that an argument is a string
Parameters
-
string
$value The value to validate.
Throws
InvalidArgumentException
withAddedValue() public
withAddedValue(mixed $path, mixed $value)
Create a new cookie with updated data.
Parameters
-
string
$path Path to write to
-
mixed
$value Value to write
Returns
static
withDomain() public
withDomain(mixed $domain)
Create a cookie with an updated domain
Parameters
-
string
$domain Domain to set
Returns
static
withExpired() public
withExpired()
Create a new cookie that will expire/delete the cookie from the browser.
This is done by setting the expiration time to 1 year ago
Returns
static
withExpiry() public
withExpiry(mixed $dateTime)
Create a cookie with an updated expiration date
Parameters
-
\DateTime|\DateTimeImmutable
$dateTime Date time object
Returns
static
withHttpOnly() public
withHttpOnly(mixed $httpOnly)
Create a cookie with HTTP Only updated
Parameters
-
bool
$httpOnly HTTP Only
Returns
static
withName() public
withName(mixed $name)
Sets the cookie name
Parameters
-
string
$name Name of the cookie
Returns
static
withNeverExpire() public
withNeverExpire()
Create a new cookie that will virtually never expire.
Returns
static
withPath() public
withPath(mixed $path)
Create a new cookie with an updated path
Parameters
-
string
$path Sets the path
Returns
static
withSameSite() public
withSameSite(mixed $sameSite)
Create a cookie with an updated SameSite option.
Parameters
-
string|null
$sameSite optional Value for to set for Samesite option. One of CookieInterface::SAMESITE_* constants.
Returns
static
Throws
InvalidArgumentException
If argument value is not one of CookieInterface::SAMESITE_VALUES
withSecure() public
withSecure(mixed $secure)
Create a cookie with Secure updated
Parameters
-
bool
$secure Secure attribute value
Returns
static
withValue() public
withValue(mixed $value)
Create a cookie with an updated value.
Parameters
-
string|array
$value Value of the cookie to set
Returns
static
withoutAddedValue() public
withoutAddedValue(mixed $path)
Create a new cookie without a specific path
Parameters
-
string
$path Path to remove
Returns
static
Property Detail
$domain protected
Domain
Type
string
$expiresAt protected
Expiration time
Type
\DateTime|\DateTimeImmutable|null
$httpOnly protected
HTTP only
Type
bool
$isExpanded protected
Whether or not a JSON value has been expanded into an array.
Type
bool
$name protected
Cookie name
Type
string
$path protected
Path
Type
string
$sameSite protected
Samesite
Type
string|null
$secure protected
Secure
Type
bool
$value protected
Raw Cookie value.
Type
string|array
© 2005–present The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
https://api.cakephp.org/3.9/class-Cake.Http.Cookie.Cookie.html