Cookies - graphidev/WOK GitHub Wiki

Native PHP tools to generate and use cookie are authorized in your projects. However, it is advised to use the Cookies class.

Generate cookie

Cookies::set($name, $value, $duration = COOKIES_LIFETIME, $secured = false);

This method will generate cookies for the project directory and all domain associated (SYSTEM_DOMAIN & SYSTEM_DOMAIN_ALIAS)

The secured parameter set the HTTP only parameter and encrypt the cookie's value (see the section : Cookies encryption method)

Get cookie value

This method is specialy made for cookies that have been secured :

Cookie::get($name, $decrypt = false);

To read an encrypted cookie, set the $decrypt parameter to get the readable value

Destroy cookies

This function is a shortcut to the PHP native setcookie function. However, it destroy the cookies for every domain associated.

Cookie::destroy($name);

Cookies encryption method

In order to secure cookies values, WOK generate an encrypted value with a private key (defined in settings.php) and a public key which is generated with the cookie's creation time.

By default, the values encryption method is RIJNDAEL 256 (with CBC mode).

IMPORTANT : Crypting cookie's value do not prevent cookies copy from client. It only prevent cookies' values comprehension.

Cookies encryption require the Mcrypt library