PHP 8.4.1 Released!

setrawcookie

(PHP 5, PHP 7, PHP 8)

setrawcookieEnvoie un cookie sans encoder sa valeur en URL

Description

setrawcookie(
    string $name,
    string $value = ?,
    int $expires_or_options = 0,
    string $path = ?,
    string $domain = ?,
    bool $secure = false,
    bool $httponly = false
): bool

Signature alternative disponible à partir de PHP 7.3.0 (pas supporté avec les paramètres nommés) :

setrawcookie(string $name, string $value = ?, array $options = []): bool

setrawcookie() est identique à setcookie() excepté que la valeur du cookie ne sera pas automatiquement encodée URL lors de l'envoi au navigateur.

Liste de paramètres

Pour plus d'informations, reportez-vous à la documentation de la fonction setcookie().

Valeurs de retour

Cette fonction retourne true en cas de succès ou false si une erreur survient.

Historique

Version Description
7.3.0 Une signature alternative supportant un tableau d'options a été ajouté. Cette signature supporte la définition de l'attribut SameSite du cookie.

Voir aussi

add a note

User Contributed Notes 2 notes

up
25
Brian
18 years ago
Firefox is following the real spec and does not decode '+' to space...in fact it further encodes them to '%2B' to store the cookie. If you read a cookie using javascript and unescape it, all your spaces will be turned to '+'.
To fix this problem, use setrawcookie and rawurlencode:

<?php
setrawcookie
('cookie_name', rawurlencode($value), time()+60*60*24*365);
?>

The only change is that spaces will be encoded to '%20' instead of '+' and will now decode properly.
up
11
subs at voracity dot org
17 years ago
setrawcookie() isn't entirely 'raw'. It will check the value for invalid characters, and then disallow the cookie if there are any. These are the invalid characters to keep in mind: ',;<space>\t\r\n\013\014'.

Note that comma, space and tab are three of the invalid characters. IE, Firefox and Opera work fine with these characters, and PHP reads cookies containing them fine as well. However, if you want to use these characters in cookies that you set from php, you need to use header().
To Top