Enables getting, setting and removing cookies from the ProcessWire API using `$input->cookie`.
- Whether getting or setting, cookie values are always strings.
- Values retrieved from
$input->cookieare user input (like PHP’s $_COOKIE) and need to be sanitized and validated by you. - When removing/unsetting cookies, the path, domain, secure, and httponly options must be the same as when the cookie was set,
as a result, it’s good to have these things predefined in
$config->cookieOptionsrather than setting during runtime. - Note that this class does not manage PW’s session cookies.
// setting cookies
$input->cookie->foo = 'bar';
$input->cookie->set('foo', 'bar'); // same as above
$input->cookie['foo'] = 'bar'; // same as above
// setting cookies, with options
$input->cookie->set('foo', bar', 86400); // live for 1 day
$input->cookie->options('age', 3600); // any further set() cookies live for 1 hour (3600s)
$input->cookie->set('foo', 'bar'); // uses setting from above options() call
// getting cookies
$bar = $input->cookie->foo;
$bar = $input->cookie['foo']; // same as above
$bar = $input->cookie('foo'); // same as above
$bar = $input->cookie->get('foo'); // same as above
$bar = $input->cookie->text('foo'); // sanitize with text() sanitizer
// removing cookies
unset($input->cookie->foo);
$input->cookie->remove('foo'); // same as above
$input->cookie->set('foo', null); // same as above
$input->cookie->removeAll(); // remove all cookies
// to modify default cookie settings, add this to your /site/config.php file and edit:
$config->cookieOptions = [
// Max age of cookies in seconds or 0 to expire with session
// 3600=1 hour, 86400=1 day, 604800=1 week, 2592000=30 days, etc.
'age' => 604800,
// Cookie path/URL or null for PW installation’s root URL
'path' => null,
// Cookie domain: null for current hostname, true for all subdomains of current domain,
// domain.com for domain and all subdomains (same as true), www.domain.com for www subdomain
// and additional hosts off www subdomain (i.e. dev.www.domain.com)
'domain' => null,
// Transmit cookies only over secure HTTPS connection?
// Specify true, false, or null to auto-detect (uses true for cookies set when HTTPS).
'secure' => null,
// Cookie SameSite value: When set to “Lax” cookies are preserved on GET requests to this site
// originated from external links. May also be “Strict” or “None”. The 'secure' option is
// required for “None”. Default value is “Lax”. Available in PW 3.0.178+.
'samesite' => 'Lax',
// Make cookies accessible by HTTP (ProcessWire/PHP) only?
// When true, cookie is http/server-side only and not visible to client-side JS code.
'httponly' => false,
// If set cookie fails (perhaps due to output already sent),
// attempt to set at beginning of next request?
'fallback' => true,
];ProcessWire 3.x, Copyright 2023 by Ryan Cramer https://processwire.com
/
Click any linked item for full usage details and examples. Hookable methods are indicated with the icon. In addition to those shown below, the Wire class also inherits all the methods and properties of: WireInputData and Wire.
Common
| Name | Return | Summary | |
|---|---|---|---|
Wire Wire Wire | string int float array null | Get a cookie value | |
Wire Wire Wire | string array int float null this | Get or set cookie options | |
Wire Wire Wire | Wire WireInputData this | Remove a cookie value by name | |
Wire Wire Wire | this WireInputData | Remove all cookies (other than those required for current session) | |
Wire Wire Wire | $this | Set a cookie (optionally with options) |
Additional methods and properties
In addition to the methods and properties above, Wire
API reference based on ProcessWire core version 3.0.236