A WordPress library to simplify cookie management.
Abstracts away all the PHP cookie management and WordPress cookie constants so you can just get and set cookies.
- Add to your project via Composer:
$ composer require wp-forge/wp-cookie-manager
- Make sure you have added the Composer autoloader to your project:
<?php
require __DIR__ . '/vendor/autoload.php';
- Start managing cookies
<?php
use WP_Forge\CookieManager\CookieManager;
// Set a cookie
CookieManager::get()->cookie('myCookieName')->set('myCookieValue', time() + 86400); // Expires one day from now
// Check if cookie exists
CookieManager::get()->cookie('myCookieName')->exists();
// Get cookie value, or default value if it doesn't exist
CookieManager::get()->cookie('myCookieName')->value('myDefaultValue');
// Delete cookie
CookieManager::get()->cookie('myCookieName')->delete();
The CookieManager
provides you with a global way to configure and manage working with cookies. However, if you need to
work with a cookie that needs a very different configuration, you can use the Cookie
class directly.
Note that using the Cookie
class directly will not use the smart defaults provided by the CookieManager
.
<?php
use WP_Forge\CookieManager\Cookie;
// Create a cookie instance
$cookie = Cookie::make('myCookieName')
->setDomain(COOKIE_DOMAIN)
->setPath(COOKIEPATH)
->setSecure(is_ssl())
->setHttpOnly(true);
// Set a cookie
$cookie->set('myCookieValue', time() + 86400) // Expires one day from now
// Check if cookie exists
$cookie->exists();
// Get cookie value
$cookie->value();
// Get cookie value, or default value if the cookie doesn't exist
$cookie->value('myDefaultValue');
// Delete cookie
$cookie->delete();
By default, the CookieManager
will use smart, WordPress-specific defaults. These defaults can be overridden and
the steps to do so are outlined below.
By default, all cookie names are prefixed with wp-
. This can be changed by setting the $namePrefix
property.
<?php
use WP_Forge\CookieManager\CookieManager;
$cookieManager = CookieManager::get();
$cookieManager->namePrefix = 'my-prefix-'; // Set to an empty string to disable the prefix
$cookieManager->cookie('myCookieName')->exists();
By default, all cookie names are suffixed with a -
followed by the WordPress COOKIEHASH
constant. This can be
changed by setting the$nameSuffix
property.
<?php
use WP_Forge\CookieManager\CookieManager;
$cookieManager = CookieManager::get();
$cookieManager->nameSuffix = '-my-suffix'; // Set to an empty string to disable the suffix
$cookieManager->cookie('myCookieName')->exists();
By default, the cookie path is set to the WordPress COOKIEPATH
constant. This can be changed by setting the$path
property.
<?php
use WP_Forge\CookieManager\CookieManager;
$cookieManager = CookieManager::get();
$cookieManager->path = '/my/path';
$cookieManager->cookie('myCookieName')->exists();
By default, the cookie domain is set to the WordPress COOKIE_DOMAIN
constant. If the COOKIE_DOMAIN
is empty, it
falls back to the $_SERVER['HTTP_HOST']
value (i.e. the current domain). This can be overwritten by setting
the$domain
property.
<?php
use WP_Forge\CookieManager\CookieManager;
$cookieManager = CookieManager::get();
$cookieManager->domain = '.example.com';
$cookieManager->cookie('myCookieName')->exists();
By default, the $secure
property is set to the value returned by the is_ssl()
WordPress function. Setting the value
to true
will ensure that the cookie is only sent over an HTTPS connection. Setting the value to false
will ensure
that the cookie is always sent, regardless of whether the connection is encrypted.
<?php
use WP_Forge\CookieManager\CookieManager;
$cookieManager = CookieManager::get();
$cookieManager->secure = false;
$cookieManager->cookie('myCookieName')->exists();
By default, the $httpOnly
property is set to false
, which means that the cookie will be available in all contexts.
Setting the value to true
will ensure that the cookie is only accessible in PHP, not JavaScript. This can be useful to
help prevent identify theft via XSS attacks.
<?php
use WP_Forge\CookieManager\CookieManager;
$cookieManager = CookieManager::get();
$cookieManager->httpOnly = true;
$cookieManager->cookie('myCookieName')->exists();