In PHP, how do we set an HTTP cookie on the client browser from a script?

Introduction / Context:
Cookies are small pieces of data stored by the browser that allow web applications to remember information across requests, such as login status or user preferences. In PHP, setting a cookie requires sending the correct HTTP header before any body content is output. Simply writing values into the $_COOKIE array does not instruct the browser to store anything new. This question asks how to set a cookie correctly from a PHP script.

Given Data / Assumptions:

• The PHP script runs in a web server context and can send HTTP headers to the browser.
• We want to create or update a cookie with a specific name and value.
• Cookies must be sent before any actual HTML or text output.
• PHP provides a standard function to handle cookie headers.

Concept / Approach:
The correct way to set a cookie in PHP is to call the setcookie function. This function generates the appropriate Set Cookie header based on the parameters you pass, such as the cookie name, value, expiry timestamp, path, domain, and security flags. Because headers must be sent before body output, setcookie must be called before any echo statements or HTML content. The browser receives this header, stores the cookie, and sends it back to the server in subsequent requests in the Cookie header, which PHP then exposes through the $_COOKIE superglobal.

Step-by-Step Solution:
Step 1: Choose a cookie name and value, such as user_theme and dark, and determine how long the cookie should last.Step 2: Before sending any output, call setcookie with the name, value, expiry time as a Unix timestamp, path, and optional domain and secure flags.Step 3: Ensure that no output has been sent before setcookie is called; otherwise PHP will not be able to modify headers.Step 4: On the next request from the same browser, access the new cookie value through $_COOKIE with the same name.Step 5: Adjust expiry or clear cookies by calling setcookie again with a past expiry time when you want to delete them.

Verification / Alternative check:
To verify correct behaviour, you can use browser developer tools to inspect the response headers and stored cookies after visiting the PHP page. You should see a Set Cookie header with the expected name and value, and then a Cookie header on subsequent requests. Printing $_COOKIE from PHP will show that the value is available only after the browser has returned it in a later request, which confirms the round trip behaviour of cookies.

Why Other Options Are Wrong:
Option B mentions writing to a local text file on the client, which is not possible directly from PHP, because PHP runs on the server and does not access the client file system. Option C suggests modifying $_COOKIE directly, but changing this array in PHP does not instruct the browser to store anything; it only affects the current request. Option D talks about sending an email, which does not interact with browser cookie storage at all. None of these actions correctly set HTTP cookies in the browser.

Common Pitfalls:
A common pitfall is forgetting that headers must be sent before any output. Accidentally echoing whitespace or having a byte order mark in included files can cause setcookie to fail with header errors. Another mistake is storing sensitive information in cookies without using secure and HttpOnly flags or encryption, which can expose data to theft or script access. Developers should carefully choose cookie names, lifetimes, and security attributes, and always use HTTPS when transmitting session identifiers and other sensitive cookies.

Final Answer:
Correct answer: By calling setcookie with parameters such as name, value, expiry time, path, and domain before any output is sent