wp-forge / wp-cookie-manager
A WordPress library to simplify cookie management.
Installs: 2 314
Dependents: 0
Suggesters: 0
Security: 0
Stars: 5
Watchers: 2
Forks: 3
Open Issues: 0
This package is auto-updated.
Last update: 2024-10-16 21:12:34 UTC
README
A WordPress library to simplify cookie management.
What It Does
Abstracts away all the PHP cookie management and WordPress cookie constants so you can just get and set cookies.
How to Use It
- Add to your project via Composer:
$ composer require wp-forge/wp-cookie-manager
- Make sure you have added the Composer autoloader to your project:
<?php require __DIR__ . '/vendor/autoload.php';
- Start managing cookies
<?php use WP_Forge\CookieManager\CookieManager; // Set a cookie CookieManager::get()->cookie('myCookieName')->set('myCookieValue', time() + 86400); // Expires one day from now // Check if cookie exists CookieManager::get()->cookie('myCookieName')->exists(); // Get cookie value, or default value if it doesn't exist CookieManager::get()->cookie('myCookieName')->value('myDefaultValue'); // Delete cookie CookieManager::get()->cookie('myCookieName')->delete();
Using the Underlying Cookie Class
The CookieManager
provides you with a global way to configure and manage working with cookies. However, if you need to
work with a cookie that needs a very different configuration, you can use the Cookie
class directly.
Note that using the Cookie
class directly will not use the smart defaults provided by the CookieManager
.
<?php use WP_Forge\CookieManager\Cookie; // Create a cookie instance $cookie = Cookie::make('myCookieName') ->setDomain(COOKIE_DOMAIN) ->setPath(COOKIEPATH) ->setSecure(is_ssl()) ->setHttpOnly(true); // Set a cookie $cookie->set('myCookieValue', time() + 86400) // Expires one day from now // Check if cookie exists $cookie->exists(); // Get cookie value $cookie->value(); // Get cookie value, or default value if the cookie doesn't exist $cookie->value('myDefaultValue'); // Delete cookie $cookie->delete();
Advanced Usage
By default, the CookieManager
will use smart, WordPress-specific defaults. These defaults can be overridden and
the steps to do so are outlined below.
Customizable properties
Name Prefix
By default, all cookie names are prefixed with wp-
. This can be changed by setting the $namePrefix
property.
<?php use WP_Forge\CookieManager\CookieManager; $cookieManager = CookieManager::get(); $cookieManager->namePrefix = 'my-prefix-'; // Set to an empty string to disable the prefix $cookieManager->cookie('myCookieName')->exists();
Name Suffix
By default, all cookie names are suffixed with a -
followed by the WordPress COOKIEHASH
constant. This can be
changed by setting the$nameSuffix
property.
<?php use WP_Forge\CookieManager\CookieManager; $cookieManager = CookieManager::get(); $cookieManager->nameSuffix = '-my-suffix'; // Set to an empty string to disable the suffix $cookieManager->cookie('myCookieName')->exists();
Path
By default, the cookie path is set to the WordPress COOKIEPATH
constant. This can be changed by setting the$path
property.
<?php use WP_Forge\CookieManager\CookieManager; $cookieManager = CookieManager::get(); $cookieManager->path = '/my/path'; $cookieManager->cookie('myCookieName')->exists();
Domain
By default, the cookie domain is set to the WordPress COOKIE_DOMAIN
constant. If the COOKIE_DOMAIN
is empty, it
falls back to the $_SERVER['HTTP_HOST']
value (i.e. the current domain). This can be overwritten by setting
the$domain
property.
<?php use WP_Forge\CookieManager\CookieManager; $cookieManager = CookieManager::get(); $cookieManager->domain = '.example.com'; $cookieManager->cookie('myCookieName')->exists();
Secure
By default, the $secure
property is set to the value returned by the is_ssl()
WordPress function. Setting the value
to true
will ensure that the cookie is only sent over an HTTPS connection. Setting the value to false
will ensure
that the cookie is always sent, regardless of whether the connection is encrypted.
<?php use WP_Forge\CookieManager\CookieManager; $cookieManager = CookieManager::get(); $cookieManager->secure = false; $cookieManager->cookie('myCookieName')->exists();
HTTP Only
By default, the $httpOnly
property is set to false
, which means that the cookie will be available in all contexts.
Setting the value to true
will ensure that the cookie is only accessible in PHP, not JavaScript. This can be useful to
help prevent identify theft via XSS attacks.
<?php use WP_Forge\CookieManager\CookieManager; $cookieManager = CookieManager::get(); $cookieManager->httpOnly = true; $cookieManager->cookie('myCookieName')->exists();