🐘 PHP
Beginner
What are cookies in PHP?
Answer
A cookie is a small piece of data stored in the user's browser, sent to the server with every HTTP request. Set a cookie with setcookie(name, value, expiry, path, domain, secure, httponly) — this must be called before any output. Read cookies via $_COOKIE["name"]. Cookies persist on the browser until they expire or are deleted. Key security flags: HttpOnly (prevents JavaScript access, mitigating XSS), Secure (only sent over HTTPS), and SameSite (controls cross-site request behavior, mitigating CSRF). Unlike sessions (server-side), cookies store data client-side — do not store sensitive data (passwords, tokens) in cookies without encryption.