Naming cookies - best practices

What should cookie names look like?

Should they be:

• lower_case
• CamelCase
• Underscore_Camel_Case
• UPPER_CASE

Or should they be something else?

appname_meaningfulname

Keep in mind that this cookie is sent with every request, so imho, just use the smallest name you can, and document your code nicely.

It should be something that avoids naming conflicts with arbitrary _GET and _POST params you might be using, since _REQUEST wraps all three global arrays (!), with precedence depending on how your variables_order setting is set in php.ini. In other words, if you have a _COOKIE named "x" and a querystring param named "x", and you ask for $_REQUEST["x"], you get the cookie value when you might want/expect the GET param. This is especially problematic if your cookies are scoped to your website root "/", and not to the folder where they are consumed.

So I say, two best practices:

1. make sure you limit scope of your cookies to the path where they are read and written, (third argument of setcookie() method does this)
2. give your cookies some sort of cookie-specific naming convention. I suggest reverse website, like java namespaces, then ".".{appname}.".".{friendly cookie name camel cased} So, if your site is www.testsite.com, and your app is foo, and your variable is "bar bar bar bar bar barann", it would be "com.testsite.foo.barBarBarBarBarBarann"

I use whatever style the coding standards for the project call for.

Generally I prefer camelCase for naming schemes, but whichever one pays the bills is the one I'll go with.

Maybe you won't like my answer:

Don't use your own cookies but store data in server sessions. So you only need one cookie (to reference the session id) and how you name that plays no role.