Month: October 2016

access a cookie’s value immediately after calling the setcookie()

If you want to access a cookie’s value immediately after calling the setcookie() you can’t use $_COOKIE. The reason for this is in the nature of the protocol (see https://tools.ietf.org/html/rfc6265). When you use setcookie() it defines a Cookie to be sent along with the rest of the HTTP headers to the client (see http://php.net/manual/en/function.setcookie.php). But $_COOKIE on the other hand contains variables passed to the current script via HTTP Cookies from the client (http://php.net/manual/en/reserved.variables.cookies.php).

When you change $_COOKIE after calling setcookie() – like some answers here recommend – it doesn’t contain only the Cookies from the client any more. This could interferer with assumptions made in third party code used in your application and may result in unwanted site effects. So in general it’s not good practice and it’s only an option when the calls of setcookie() are part of your own code.

A clean and transparent way to get a value set with setcookie() within the same request is to use headers_list() (see http://php.net/manual/en/function.headers-list.php):

function getcookie($name) {
    $cookies = [];
    $headers = headers_list();
    // see http://tools.ietf.org/html/rfc6265#section-4.1.1
    foreach($headers as $header) {
        if (strpos($header, 'Set-Cookie: ') === 0) {
            $value = str_replace('&', urlencode('&'), substr($header, 12));
            parse_str(current(explode(';', $value, 1)), $pair);
            $cookies = array_merge_recursive($cookies, $pair);
        }
    }
    return $cookies[$name];
}
// [...]
setcookie('uname', $uname, time() + 60 * 30);
echo "Cookie value: " . getcookie('uname');

But notice this won’t work in PHP CLI (e.g. PHPUnit). In such a case you could use third party extensions like XDebug (see http://xdebug.org/docs/all_functions#xdebug_get_headers).

Advertisements