Disclaimer: This tutorial is intended for beginners to understand how cookies work in PHP. It demonstrates basic functionality and is not meant to represent real-world applications or best practices for secure data handling. Sensitive information should never be stored in cookies. For secure data management, consider using server-side solutions like sessions or databases.
In this guide, we'll explore PHP form handling using cookies to store user data. Cookies are a way to persist small amounts of data on the user's browser, making it possible to remember user preferences or information across different sessions.
Our project involves creating a form where users can input their information, storing the submitted data in cookies, and then viewing or deleting the cookie data. By the end of this tutorial, you'll understand how to set, retrieve, and delete cookies in PHP.
What Are Cookies?
Cookies are small files stored on the user's browser. They allow web servers to store data specific to a user and retrieve it on subsequent visits. In PHP, you can work with cookies using the setcookie() function to create or update cookies and the $_COOKIE superglobal to read them.
The Project: PHP Form with Cookie Handling
We'll create a simple application that:
- Allows users to submit their information via a form.
- Stores the submitted data in cookies.
- Displays the stored cookie data.
- Provides an option to delete the cookies.
File Structure
Our project includes the following files:
project-folder/
│
├── index.php # Form page
├── submit.php # Form handling and cookie storage
├── view_cookie.php # Viewing cookie data
├── delete_cookie.php # Deleting cookie data
Step 1: Creating the Form (index.php)
The index.php file contains the HTML form for user input, along with buttons to view or delete cookie data.
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>PHP Form with Cookie Handling</title>
</head>
<body>
<h1>Submit Your Information</h1>
<!-- Form Section for User Input -->
<form method="get" action="submit.php">
<label for="name">Name:</label><br>
<input type="text" id="name" name="name"><br><br>
<label for="age">Age:</label><br>
<input type="number" id="age" name="age"><br><br>
<label for="email">Email:</label><br>
<input type="email" id="email" name="email"><br><br>
<label for="website">Website:</label><br>
<input type="url" id="website" name="website"><br><br>
<label>Gender:</label><br>
<input type="radio" id="male" name="gender" value="Male">
<label for="male">Male</label><br>
<input type="radio" id="female" name="gender" value="Female">
<label for="female">Female</label><br><br>
<label>Hobbies:</label><br>
<input type="checkbox" id="reading" name="hobbies[]" value="Reading">
<label for="reading">Reading</label><br>
<input type="checkbox" id="traveling" name="hobbies[]" value="Traveling">
<label for="traveling">Traveling</label><br>
<input type="checkbox" id="sports" name="hobbies[]" value="Sports">
<label for="sports">Sports</label><br>
<input type="checkbox" id="music" name="hobbies[]" value="Music">
<label for="music">Music</label><br><br>
<label for="comments">Comments:</label><br>
<textarea id="comments" name="comments" rows="4" cols="50" placeholder="Write your comments here..."></textarea><br><br>
<input type="submit" value="Submit">
</form>
<br><br>
<!-- Buttons for View and Delete Cookie -->
<form action="view_cookie.php">
<input type="submit" value="View Cookie Data">
</form>
<form action="delete_cookie.php">
<input type="submit" value="Delete Cookie Data">
</form>
</body>
</html>
Step 2: Handling Form Submission (submit.php)
The submit.php file processes the form data, validates and sanitizes it, and then stores it in cookies.
<?php
// Initialize error messages and data variables
$error_name = "";
$error_age = "";
$error_email = "";
$error_website = "";
$name = $age = $email = $website = $gender = $comments = $hobbies = "";
// Sanitize and validate the form data
if ($_SERVER["REQUEST_METHOD"] == "GET") {
// Sanitize inputs
$name = htmlspecialchars(trim($_GET['name']));
$age = htmlspecialchars(trim($_GET['age']));
$email = htmlspecialchars(trim($_GET['email']));
$website = htmlspecialchars(trim($_GET['website']));
$gender = isset($_GET['gender']) ? $_GET['gender'] : '';
$hobbies = isset($_GET['hobbies']) ? $_GET['hobbies'] : [];
$comments = htmlspecialchars(trim($_GET['comments']));
// Validation checks
if (empty($name)) {
$error_name = "Name is required.";
}
if (empty($age) || !filter_var($age, FILTER_VALIDATE_INT) || $age <= 0) {
$error_age = "Valid age is required.";
}
if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
$error_email = "Valid email is required.";
}
if (empty($website) || !filter_var($website, FILTER_VALIDATE_URL)) {
$error_website = "Valid website URL is required.";
}
// If no errors, set cookies
if (empty($error_name) && empty($error_age) && empty($error_email) && empty($error_website)) {
// Set cookies for the form data
setcookie("name", $name, time() + (86400 * 30), "/");
setcookie("age", $age, time() + (86400 * 30), "/");
setcookie("email", $email, time() + (86400 * 30), "/");
setcookie("website", $website, time() + (86400 * 30), "/");
setcookie("gender", $gender, time() + (86400 * 30), "/");
setcookie("hobbies", implode(", ", $hobbies), time() + (86400 * 30), "/");
setcookie("comments", $comments, time() + (86400 * 30), "/");
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Form Submission Result</title>
</head>
<body>
<h1>Form Submission Result</h1>
<!-- Show Errors if any -->
<?php
if ($error_name) {
echo "<p style='color: red;'>$error_name</p>";
}
if ($error_age) {
echo "<p style='color: red;'>$error_age</p>";
}
if ($error_email) {
echo "<p style='color: red;'>$error_email</p>";
}
if ($error_website) {
echo "<p style='color: red;'>$error_website</p>";
}
if (empty($error_name) && empty($error_age) && empty($error_email) && empty($error_website)) {
// Display the form submission results
echo "<h2>Form Submission Results:</h2>";
echo "<p><strong>Name:</strong> $name</p>";
echo "<p><strong>Age:</strong> $age</p>";
echo "<p><strong>Email:</strong> $email</p>";
echo "<p><strong>Website:</strong> <a href='$website' target='_blank'>$website</a></p>";
echo "<p><strong>Gender:</strong> $gender</p>";
echo "<p><strong>Hobbies:</strong> " . implode(", ", $hobbies) . "</p>";
echo "<p><strong>Comments:</strong> $comments</p>";
}
?>
<br><br>
<a href="index.php">Go Back</a>
</body>
</html>
Step 3: Viewing Cookie Data (view_cookie.php)
This file displays the cookie data stored on the user's browser.
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>View Cookie Data</title>
</head>
<body>
<h1>View Stored Cookie Data</h1>
<?php
if (isset($_COOKIE['name'])) {
echo "<p><strong>Name:</strong> " . $_COOKIE['name'] . "</p>";
echo "<p><strong>Age:</strong> " . $_COOKIE['age'] . "</p>";
echo "<p><strong>Email:</strong> " . $_COOKIE['email'] . "</p>";
echo "<p><strong>Website:</strong> <a href='" . $_COOKIE['website'] . "' target='_blank'>" . $_COOKIE['website'] . "</a></p>";
echo "<p><strong>Gender:</strong> " . $_COOKIE['gender'] . "</p>";
echo "<p><strong>Hobbies:</strong> " . $_COOKIE['hobbies'] . "</p>";
echo "<p><strong>Comments:</strong> " . $_COOKIE['comments'] . "</p>";
} else {
echo "<p>No cookie data found!</p>";
}
?>
<br><br>
<a href="index.php">Go Back</a>
</body>
</html>
Step 4: Deleting Cookie Data (delete_cookie.php)
This file deletes the cookies by setting their expiration time to the past.
<?php
// Deleting cookies by setting their expiration time to past
setcookie("name", "", time() - 3600, "/");
setcookie("age", "", time() - 3600, "/");
setcookie("email", "", time() - 3600, "/");
setcookie("website", "", time() - 3600, "/");
setcookie("gender", "", time() - 3600, "/");
setcookie("hobbies", "", time() - 3600, "/");
setcookie("comments", "", time() - 3600, "/");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Cookie Deleted</title>
</head>
<body>
<h1>Cookies Deleted</h1>
<p>All cookies have been deleted successfully.</p>
<br><br>
<a href="index.php">Go Back</a>
</body>
</html>
Conclusion
This project demonstrates how to use cookies for form handling in PHP. By implementing cookies, you can persist user data and improve the functionality of your web applications. Experiment with this project and explore more advanced use cases for cookies in PHP.
Happy coding! 🎉
Top comments (4)
This is all sorts of wrong. You should not be storing user information in cookies, ever.
Also, this code is outdated, using null coalescing operator to check input variables is preferred.
You are not using try catch blocks which is also a mistake, not using them makes your code clunky and overly verbose.
No one should be using your code at all. Just delete this post, it is not helpful and potentially dangerous.
Regarding verbosity, I intentionally chose a more detailed approach because I believe beginners benefit from writing out full logic to understand how each part of the code works. Shortcuts and shorthands are valuable for experienced developers but can confuse those just starting. My goal is to ensure that beginners build a solid understanding before adopting more advanced techniques.
I appreciate your feedback and will add disclaimers to clarify the purpose and scope of this tutorial. However, I believe the current approach aligns with my goal of making the content accessible to beginners, so I don’t plan to make major changes to the structure or examples.
Thank you for your feedback! I understand your concerns, especially regarding storing sensitive data in cookies and using more modern syntax. This post is intended as a beginner-friendly introduction to the concept of cookies in PHP, focusing on how the
setcookie()and$_COOKIEfunctions work. It's not meant to represent real-world use cases or security practices but rather to help newcomers understand the basics before moving on to more advanced topics.