Cookies can be made safer using flags.
  
  ## Key flags
  
  - HttpOnly: JS cannot read cookie (helps reduce damage from XSS)
  - Secure: cookie only sent over HTTPS
  - SameSite: reduces CSRF by controlling cross-site sends
  
  ## Example setcookie with options
  
  ```php
  setcookie("session_id", $value, [
    "expires" => time() + 3600,
    "path" => "/",
    "secure" => true,
    "httponly" => true,
    "samesite" => "Lax"
  ]);
  ```
  
  ## Practical note
  - Use Secure only when HTTPS is enabled
  - SameSite=None requires Secure=true
  
  > Next: Email sending, SMTP, and safe mail flows in PHP.

Set cookies like a professional and reduce risks like XSS cookie theft and CSRF.

Cookie Security Flags: HttpOnly, Secure, SameSite

Learn PHP programming for server-side web development. Master PHP syntax, functions, and building dynamic websites.

Cookie Security Flags: HttpOnly, Secure, SameSite

Key flags

Example setcookie with options

Practical note

More on PHP

PHP Introduction

Install PHP and Run Your First Script

PHP Syntax and Mixing with HTML