- PHP Manual
- Session Functions
- Set the session cookie parameters
session_set_cookie_params
(PHP 4, PHP 5, PHP 7, PHP 8)
session_set_cookie_params — Set the session cookie parameters
Description
int
$lifetime_or_options
,?string
$path
= null
,?string
$domain
= null
,?bool
$secure
= null
,?bool
$httponly
= null
): bool
Alternative signature available as of PHP 7.3.0:
$lifetime_or_options
): boolSet cookie parameters defined in the php.ini file. The effect of this function only lasts for the duration of the script. Thus, you need to call session_set_cookie_params() for every request and before session_start() is called.
This function updates the runtime ini values of the corresponding PHP ini configuration keys which can be retrieved with the ini_get().
Parameters
-
lifetime_or_options
-
When using the first signature, lifetime of the session cookie, defined in seconds.
When using the second signature, an associative array which may have any of the keys
lifetime
,path
,domain
,secure
,httponly
andsamesite
. The values have the same meaning as described for the parameters with the same name. The value of thesamesite
element should be eitherLax
orStrict
. If any of the allowed options are not given, their default values are the same as the default values of the explicit parameters. If thesamesite
element is omitted, no SameSite cookie attribute is set. -
path
-
Path on the domain where the cookie will work. Use a single slash ('/') for all paths on the domain.
-
domain
-
Cookie domain, for example 'www.php.net'. To make cookies visible on all subdomains then the domain must be prefixed with a dot like '.php.net'.
-
secure
-
If
true
cookie will only be sent over secure connections. -
httponly
-
If set to
true
then PHP will attempt to send the httponly flag when setting the session cookie.
Return Values
Returns true
on success or false
on failure.
Changelog
Version | Description |
---|---|
8.0.0 |
path , domain ,
secure and httponly are nullable now.
|
7.3.0 |
An alternative signature supporting an lifetime_or_options
array has been added. This signature supports also setting of the
SameSite cookie attribute.
|
7.2.0 |
Returns true on success or false on failure. Formerly the function returned void.
|
See Also
- session.cookie_lifetime
- session.cookie_path
- session.cookie_domain
- session.cookie_secure
- session.cookie_httponly
- session.cookie_samesite
- session_get_cookie_params() - Get the session cookie parameters