{"id":28807,"date":"2024-04-23T22:04:59","date_gmt":"2024-04-23T21:04:59","guid":{"rendered":"https:\/\/nelkodev.com\/blog\/dominando-el-manejo-de-cookies-en-php-creacion-lectura-y-seguridad\/"},"modified":"2024-06-03T18:39:14","modified_gmt":"2024-06-03T17:39:14","slug":"dominando-el-manejo-de-cookies-en-php-creacion-lectura-y-seguridad","status":"publish","type":"post","link":"https:\/\/nelkodev.com\/en\/blog\/mastering-cookie-management-in-php-creation-reading-and-security\/","title":{"rendered":"Mastering Cookie Management in PHP: Creation, Reading and Security"},"content":{"rendered":"<p>Cookies are a fundamental part of modern websites, allowing a more personalized and efficient experience for users. In web development with PHP, proper cookie management is an essential skill for any programmer. This article will guide you through the concepts of creating, reading, and securing cookies with PHP, providing you with the knowledge necessary to implement these functions effectively in your projects.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%C2%BFQue_es_una_Cookie\"><\/span>What is a Cookie?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>A cookie is a small text file that a web server can save in the user&#039;s browser. 
It contains information that can be read by the server on future user visits. Cookies are used for different purposes such as storing session information, user preferences, and tracking visit information.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Creacion_de_Cookies_en_PHP\"><\/span>Creation of Cookies in PHP<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<h3><span class=\"ez-toc-section\" id=\"Paso_1_Establecer_una_Cookie\"><\/span>Step 1: Set a Cookie<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>To create a cookie in PHP, we use the function <code>setcookie()<\/code>. This function accepts several parameters, but the most important ones are the cookie name and its value. Here is a basic example:<\/p>\n<pre><code class=\"&quot;language-php&quot;\">setcookie(&quot;user&quot;, &quot;Juan Perez&quot;, time() + 3600); \/\/ Expires in one hour<\/code><\/pre>\n<p>In this example, <code>user<\/code> is the name of the cookie, <code>Juan Perez<\/code> is the value, and <code>time() + 3600<\/code> indicates that the cookie will expire in one hour.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Paso_2_Modificar_una_Cookie\"><\/span>Step 2: Modify a Cookie<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Modifying a cookie is as simple as setting it again using <code>setcookie()<\/code> with a new value. 
Remember to specify the same cookie name:<\/p>\n<pre><code class=\"&quot;language-php&quot;\">setcookie(&quot;user&quot;, &quot;Ana Gomez&quot;, time() + 3600); \/\/ Change the cookie value<\/code><\/pre>\n<h3><span class=\"ez-toc-section\" id=\"Paso_3_Configuraciones_Avanzadas\"><\/span>Step 3: Advanced Settings<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><code>setcookie()<\/code> also lets you configure the path, the domain, HTTPS-only transmission (<code>Secure<\/code>) and script accessibility (<code>HttpOnly<\/code>) of the cookie, using additional parameters:<\/p>\n<pre><code class=\"&quot;language-php&quot;\">setcookie(&quot;securityToken&quot;, &quot;xyz123&quot;, time() + 3600, &quot;\/&quot;, &quot;yoursite.com&quot;, true, true);<\/code><\/pre>\n<p>This example sets a cookie that is only sent over HTTPS (<code>Secure<\/code>) and is not accessible from JavaScript (<code>HttpOnly<\/code>).<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Lectura_de_Cookies_en_PHP\"><\/span>Reading Cookies in PHP<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>To read cookies in PHP, you can use the superglobal <code>$_COOKIE<\/code>. This array associates the name of each cookie with its respective value. For example:<\/p>\n<pre><code class=\"&quot;language-php&quot;\">if(!empty($_COOKIE[&quot;user&quot;])) { echo &quot;Hello, &quot; . htmlspecialchars($_COOKIE[&quot;user&quot;], ENT_QUOTES, &quot;UTF-8&quot;); } else { echo &quot;Hello, visitor!&quot;; }<\/code><\/pre>\n<p>This code checks if the cookie <code>user<\/code> is set and displays a personalized welcome message. The value is passed through <code>htmlspecialchars()<\/code> because cookie contents are controlled by the client and must not be echoed into the page unescaped.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Seguridad_de_las_Cookies\"><\/span>Cookie Security<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Security is crucial when handling cookies due to the sensitivity of the information they can store. Here are some best practices:<\/p>\n<h3><span class=\"ez-toc-section\" id=\"1_Uso_de_HTTPS\"><\/span>1. 
Use of HTTPS<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Always use HTTPS to ensure that cookie information is transmitted securely and cannot be easily intercepted by malicious third parties.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"2_Atributo_HttpOnly\"><\/span>2. HttpOnly attribute<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Set the <code>HttpOnly<\/code> attribute on your cookies to prevent them from being read by client-side scripts, such as JavaScript. This helps mitigate cookie theft through XSS (Cross-Site Scripting) attacks.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"3_Secure_Attribute\"><\/span>3. Secure Attribute<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>The attribute <code>Secure<\/code> ensures that cookies are only sent via HTTPS requests, which increases security when sending sensitive information.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"4_Considera_la_Caducidad_de_las_Cookies\"><\/span>4. Consider Cookie Expiration<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Set an appropriate expiration time for your cookies, depending on the nature of the information they contain. This limits the time during which the information is valid and can potentially be exposed.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Conclusiones\"><\/span>Conclusions<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Proper cookie management is essential for the security and efficiency of your PHP web applications. By following the practices described in this article, you can significantly improve cookie management in your projects, benefiting both your users and the integrity of your applications. 
If you have more questions about cookie management or need specific assistance with PHP, feel free to visit my blog <a href=\"https:\/\/nelkodev.com\/en\/\">NelkoDev<\/a> or contact me directly through <a href=\"https:\/\/nelkodev.com\/en\/contact\/\">my contact page<\/a>.<\/p>\n<p>This knowledge will allow you to build more robust and secure applications, optimizing the user experience and protecting their personal data.<\/p>","protected":false},"excerpt":{"rendered":"<p>Cookies are a fundamental part of modern websites, allowing for a more personalized and efficient experience for users. In PHP web development, proper cookie management is an essential skill for any programmer. This article will guide you through the concepts of creating, reading, and securing cookies with the help of [\u2026]<\/p>","protected":false},"author":1,"featured_media":28808,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[420,1887,2206],"tags":[205,746,293,211,1289,62,1184,576,15,18],"class_list":["post-28807","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-herramientas-de-desarrollo","category-php","tag-blog","tag-cookies","tag-creacion","tag-desarrollo","tag-dominando","tag-herramientas","tag-lectura","tag-manejo","tag-php","tag-seguridad"],"_links":{"self":[{"href":"https:\/\/nelkodev.com\/en\/wp-json\/wp\/v2\/posts\/28807","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nelkodev.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nelkodev.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nelkodev.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nelkodev.com\/en\/wp-json\/wp\/v2\/comments?post=28807"}],"version-history":[{"count":0,"href":"https:\/\/nelkodev.com\/en\/wp-json\/wp\/v2\/posts\/28807\/revisions"}],"wp:featuredmedia":[{"embedda
ble":true,"href":"https:\/\/nelkodev.com\/en\/wp-json\/wp\/v2\/media\/28808"}],"wp:attachment":[{"href":"https:\/\/nelkodev.com\/en\/wp-json\/wp\/v2\/media?parent=28807"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nelkodev.com\/en\/wp-json\/wp\/v2\/categories?post=28807"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nelkodev.com\/en\/wp-json\/wp\/v2\/tags?post=28807"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}