HTTP These functions let you manipulate the output sent back to the remote browser right down to the HTTP protocol level. header Send a raw HTTP header int header string string The Header function is used at the top of an HTML file to send raw HTTP header strings. See the HTTP 1.1 Specification for more information on raw http headers. Note: Remember that the Header function must be called before any actual output is sent either by normal HTML tags or from PHP. It is a very common error to read code with include or with auto_prepend and have spaces or empty lines in this code that force output before header is called. Header("Location: http://www.php.net"); /* Redirect browser to PHP web site */ exit; /* Make sure that code below does not get executed when we redirect. */ PHP scripts often generate dynamic HTML that must not be cached by the client browser or any proxy caches between the server and the client browser. Many proxies and clients can be forced to disable caching with header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Pragma: no-cache"); // HTTP/1.0 setcookie Send a cookie int setcookie string name string value int expire string path string domain int secure SetCookie defines a cookie to be sent along with the rest of the header information. Cookies must be sent before any other headers are sent (this is a restriction of Cookies, not PHP). This requires you to place calls to this function before any <html> or <head> tags. All the arguments except the name argument are optional. If only the name argument is present, the cookie by that name will be deleted from the remote client. You may also replace any argument with an empty string ("") in order to skip that argument. The expire and secure arguments are integers and cannot be skipped with an empty string. Use a zero (0) instead. The expire argument is a regular Unix time integer as returned by the time or mktime functions. The secure indicates that the cookie should only be transmitted over a secure HTTPS connection. Common Pitfalls: Cookies will not become visable until the next loading of a page that the cookie should be visable for. Multiple calls to setcookie in the same script will be performed in the reverse order. If you are trying to delete one cookie before inserting another you should put the insert before the delete. Some examples follow: SetCookie("TestCookie","Test Value"); SetCookie("TestCookie",$value,time()+3600); /* expire in 1 hour */ SetCookie("TestCookie",$value,time()+3600,"/~rasmus/",".utoronto.ca",1); Note that the value portion of the cookie will automatically be urlencoded when you send the cookie, and when it is received, it is automatically decoded and assigned to a variable by the same name as the cookie name. To see the contents of our test cookie in a script, simply use one of the following examples: echo $TestCookie; echo $HTTP_COOKIE_VARS["TestCookie"]; For more information on cookies, see Netscape's cookie specification at &spec.cookies;. Microsoft Internet Explorer 4 with Service Pack 1 applied does not correctly deal with cookies that have their path parameter set. Netscape Communicator 4.05 and Microsoft Internet Explorer 3.x appear to handle cookies incorrectly when the path and time are not set.