The Cookie Helper file contains handlers that assist in working with cookies.
Loading this Helper
This helper is loaded using the following code:
The following handlers are available:
Sets a cookie containing the values you specify. There are two ways to pass information to this handler so that a cookie can be set: Array Method, and Discrete Parameters:
Using this method, an associative array is passed to the first parameter:
put "The Cookie Name" into tCookieA["name"] put "The Value" into tCookieA["value"] put 86500 into tCookieA["expire"] put ".some-domain.com" into tCookieA["domain"] put "/" into tCookieA["path"] put "myprefix" into tCookieA["prefix"] put FALSE into tCookieA["replace"] -- set to TRUE, if you want to overwrite the most recent cookie header put TRUE into tCookieA["secure"] put FALSE into tCookieA["httponly"] put "Lax" into tCookieA["samesite"] rigSetCookie tCookieA
- Only the name and value are required. All other parameters are optional. To delete a cookie set it with the expiration blank.
- Although cookie values need to be strings revIgniter optionally allows to use arrays as value.
- The expiration is set in seconds, which will be added to the current time. Do not include the time, but rather only the number of seconds from now that you wish the cookie to be valid. If the expiration is set to zero the cookie will only last as long as the browser is open.
- For site-wide cookies regardless of how your site is requested, add your URL to the domain starting with a period, like this: .your-domain.com The domain can also be set in application/config/config.lc
- The path is usually not needed since the handler sets a root path. The path can be set in application/config/config.lc too.
- The prefix is only needed if you need to avoid name collisions with other identically named cookies for your server. This value can be set in application/config/config.lc too.
- Set the replace boolean to TRUE, if you want to overwrite the most recent cookie header
- The secure boolean is only needed if you want to make it a secure cookie by setting it to TRUE (Cookies will only be set if a secure HTTPS connection exists). This boolean can be set in application/config/config.lc too.
- The samesite attribute provides some protection against CSRF attacks. Values are: "Strict", "Lax" or "None". If you do not include this parameter it is provided by application/config/config.lc
If you prefer, you can set the cookie by passing data using individual parameters:
rigSetCookie tName, tValue, tExp, tDomain, tPath, tPrefix, tReplace, pSecure, pHttpOnly, pSameSite
Note: Keep in mind that the current time used to calculate the expiration date is referenced either to your server's local time or GMT, based on the "time reference" setting in your config file.
Lets you fetch a cookie. The first parameter will contain the name of the cookie you are looking for (including any prefixes):
put rigGetCookie("someCookie") into tCookieData
The function returns FALSE (boolean) if the item you are attempting to retrieve does not exist.
The second optional parameter lets you run the data through the XSS filter. It's enabled by setting the second parameter to boolean TRUE;
put rigGetCookie("someCookie", TRUE) into tCookieData
Lets you delete a cookie. Unless you've set a custom path or other values, only the name of the cookie is needed:
This handler is otherwise identical to rigSetCookie, except that it does not have the value and expiration parameters. You can submit an array of values in the first parameter or you can set discrete parameters.
rigDeleteCookie tName, tDomain, tPath, tPrefix
Note: See cookie related settings in application/config/config.lc.