PhpRiot
Become Zend Certified

Prepare for the ZCE exam using our quizzes (web or iPad/iPhone). More info...


When you're ready get 7.5% off your exam voucher using voucher CJQNOV23 at the Zend Store

Instantiating Zend_Http_Cookie Objects

Instantiating a Cookie object can be done in two ways:

  • Through the constructor, using the following syntax: new Zend_Http_Cookie(string $name, string $value, string $domain, [int $expires, [string $path, [boolean $secure]]]);

    • $name: The name of the cookie (eg. 'PHPSESSID') (required)

    • $value: The value of the cookie (required)

    • $domain: The cookie's domain (eg. '.example.com') (required)

    • $expires: Cookie expiration time, as UNIX time stamp (optional, defaults to NULL). If not set, cookie will be treated as a 'session cookie' with no expiration time.

    • $path: Cookie path, eg. '/foo/bar/' (optional, defaults to '/')

    • $secure: Boolean, Whether the cookie is to be sent over secure (HTTPS) connections only (optional, defaults to boolean FALSE)

  • By calling the fromString($cookieStr, [$refUri, [$encodeValue]]) static method, with a cookie string as represented in the 'Set-Cookie ' HTTP response header or 'Cookie' HTTP request header. In this case, the cookie value must already be encoded. When the cookie string does not contain a 'domain' part, you must provide a reference URI according to which the cookie's domain and path will be set.

    The fromString() method accepts the following parameters:

    • $cookieStr: a cookie string as represented in the 'Set-Cookie' HTTP response header or 'Cookie' HTTP request header (required)

    • $refUri: a reference URI according to which the cookie's domain and path will be set. (optional, defaults to parsing the value from the $cookieStr)

    • $encodeValue: If the value should be passed through urldecode. Also effects the cookie's behavior when being converted back to a cookie string. (optional, defaults to true)

Example 498. Instantiating a Zend_Http_Cookie object

<?php
// First, using the constructor. This cookie will expire in 2 hours
$cookie = new Zend_Http_Cookie('foo',
                               
'bar',
                               
'.example.com',
                               
time() + 7200,
                               
'/path');

// You can also take the HTTP response Set-Cookie header and use it.
// This cookie is similar to the previous one, only it will not expire, and
// will only be sent over secure connections
$cookie Zend_Http_Cookie::fromString('foo=bar; domain=.example.com; ' .
                                       
'path=/path; secure');

// If the cookie's domain is not set, you have to manually specify it
$cookie Zend_Http_Cookie::fromString('foo=bar; secure;',
                                       
'http://www.example.com/path');


Note

When instantiating a cookie object using the Zend_Http_Cookie::fromString() method, the cookie value is expected to be URL encoded, as cookie strings should be. However, when using the constructor, the cookie value string is expected to be the real, decoded value.

A cookie object can be transferred back into a string, using the __toString() magic method. This method will produce a HTTP request "Cookie" header string, showing the cookie's name and value, and terminated by a semicolon (';'). The value will be URL encoded, as expected in a Cookie header:

Example 499. Stringifying a Zend_Http_Cookie object

<?php
// Create a new cookie
$cookie = new Zend_Http_Cookie('foo',
                               
'two words',
                               
'.example.com',
                               
time() + 7200,
                               
'/path');

// Will print out 'foo=two+words;' :
echo $cookie->__toString();

// This is actually the same:
echo (string) $cookie;

// In PHP 5.2 and higher, this also works:
echo $cookie;


Zend Framework