Finding Cookie Expiry Time in PHP?

StackOverflow https://stackoverflow.com/questions/17465921

  •  02-06-2022
  •  | 
  •  

Question

I want to see my cookie expiry time.

My Code is like this :

setcookie('blockipCaptcha','yes',time() + (86400 * 7));

But I want to see the cookie expiry time whenever I am refreshing the page. How do to this?

Was it helpful?

Solution

You cannot get the cookie expiry time unless you encode that information as part of the cookie (the browser, who has this information, does not send it over). For example:

$expiresOn = time() + (86400 * 7);
setcookie('blockipCaptcha','yes;expires=' . $expiresOn, $expiresOn);

Even then, someone could theoretically tamper with the cookie contents so you cannot really "trust" the value unless the cookie contents are also cryptographically authenticated with a HMAC.

An example of how to sign and authenticate the contents of the cookie:

$secretKey = ''; // this must be a per-user secret key stored in your database
$expiresOn = time() + (86400 * 7);
$contents = 'yes;expires=' . $expiresOn;
$contents = $contents . ';hmac='. hash_hmac('sha256', $contents, $secretKey);

When you get back the contents of the cookie, strip out and validate the HMAC part:

$contents = $_COOKIE['blockipCaptcha'];

// I 'm doing this slightly hacky for convenience
list ($contents, $hmac) = explode(';hmac=', $contents);

if ($hmac !== hash_hmac('sha256', $contents, $secretKey)) {
    die('Someone tampered with the contents of the cookie!');
}
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top