session_set_cookie_params
(PHP 4, PHP 5, PHP 7, PHP 8)
session_set_cookie_params — Set the session cookie parameters
Description
int
$lifetime_or_options,?string
$path = null,?string
$domain = null,?bool
$secure = null,?bool
$httponly = null): bool
Alternative signature available as of PHP 7.3.0:
Set cookie parameters defined in the php.ini file. The effect of this function only lasts for the duration of the script. Thus, you need to call session_set_cookie_params() for every request and before session_start() is called.
This function updates the runtime ini values of the corresponding PHP ini configuration keys which can be retrieved with the ini_get().
Parameters
lifetime_or_optionsWhen using the first signature, lifetime of the session cookie, defined in seconds.
When using the second signature, an associative array which may have any of the keys
lifetime,path,domain,secure,httponlyandsamesite. The values have the same meaning as described for the parameters with the same name. The value of thesamesiteelement should be eitherLaxorStrict. If any of the allowed options are not given, their default values are the same as the default values of the explicit parameters. If thesamesiteelement is omitted, no SameSite cookie attribute is set.pathPath on the domain where the cookie will work. Use a single slash ('/') for all paths on the domain.
domainCookie domain, for example 'www.php.net'. To make cookies visible on all subdomains then the domain must be prefixed with a dot like '.php.net'.
securehttponlyIf set to
truethen PHP will attempt to send the httponly flag when setting the session cookie.
Changelog
| Version | Description |
|---|---|
| 8.0.0 | path, domain, secure and httponly are nullable now. |
| 7.3.0 | An alternative signature supporting an lifetime_or_options array has been added. This signature supports also setting of the SameSite cookie attribute. |
| 7.2.0 | Returns true on success or false on failure. Formerly the function returned void. |