Lesson 13 of 20

Sessions & Cookies

Sessions

Sessions store user data on the server across multiple page requests. Each user gets a unique session ID stored in a cookie.

Example
<?php
// Start session (must be called before any output)
session_start();

// Set session data
$_SESSION['user'] = 'Alice';
$_SESSION['role'] = 'admin';
$_SESSION['login_time'] = time();

// Read session data
if (isset($_SESSION['user'])) {
    echo "Welcome, " . $_SESSION['user'];
}

// Remove specific session variable
unset($_SESSION['role']);

// Destroy entire session (logout)
session_destroy();
?>

Cookies

Cookies are stored on the user's browser and sent with every request. Use them for preferences and non-sensitive data.

Example
<?php
// Set a cookie (expires in 30 days)
setcookie('theme', 'dark', time() + (86400 * 30), '/');
setcookie('language', 'en', time() + (86400 * 30), '/');

// Read cookies
$theme = $_COOKIE['theme'] ?? 'light';
echo "Theme: $theme";

// Delete a cookie (set expiration in the past)
setcookie('theme', '', time() - 3600, '/');

// Check if cookies are enabled
if (count($_COOKIE) > 0) {
    echo "Cookies are enabled";
}
?>