Reputation: 447
cookie name value in setcookie()
I will use php setcookie function to implement persistent login.
My question is this:
Does the "name" of the cookie have to follow the same strict security guidelines as it's "value" or it can be any word I like, not hashed or anything similar?
Upvotes: 0
Views: 102
Answers (3)
Reputation: 488
It doesn't have to, but if you store cookie names in constants or similiar, then go ahead and make it "unreadable", it's always some security step. Cookie named "hDS4aH8AwdE" attracts less attention than "user_credentials".
Upvotes: 1
Reputation: 2561
cookie name is not related to it's value by any means. you can create cookie of any name and store any information that you want.
setcookie("COOKIE_NAME", 'COOKIE_VALUE', COOKIE_TIME_OUT);
you only need to follow it's syntex
Upvotes: 0
Reputation: 39704
I could be anything you want, does not have to be value related. Remember that cookies are visible by the user so "sensitive" information should not be stored.
setcookie("MyCustomCookie", 'Europe', time()+3600);
Upvotes: 0