Skip to content

Why cookies are added rather than changed?

I am developing a site where each user should have their own id. When I went into the console, I saw that the id was duplicated instead of being one. Is this normal and should it be?

if (isset($_COOKIE['SESSION']) && (strlen($_COOKIE['SESSION']) === 32)) {
    $uid = $_COOKIE['SESSION'];
} else {
    $uid = openssl_random_pseudo_bytes(16);
    $uid = bin2hex($uid);
setcookie("SESSION", $uid, time()+(60*60*24*30));

enter image description here



Cookies, by default, use the path of the page that they are set for.

You should explicitly set the path to / using the 4th argument to setcookie.

Aside: PHP has built-in session handling. You probably shouldn’t be reinventing the wheel.

User contributions licensed under: CC BY-SA
1 People found this is helpful