I’m refactoring some code and found something I’ve never seen. the function is used for user to set cookie when user logs in:
function setUserCookie($name, $value) {
$date = date("D, d M Y H:i:s",strtotime('1 January 2015')) . 'GMT';
header("Set-Cookie: {$name}={$value}; EXPIRES{$date};");
}
now that I’ve been assigned to refactor code I’m planning to use setcookie function which essentially does same thing according to php.net.
My question is: is there any difference between two and which one should I use?
NOTE: this code was written long time ago so I’m assuming that at that time setcookie didnt exist?
Advertisement
Answer
There’s no good reason not to use setcookie. The above code doesn’t properly encode names and values, so that’s at least one major benefit to refactoring.