I have a domain e.g. example.com which has various subdomains.
I want cookies to only work via:
http://example.com or http://www.example.com and NOT work/be accessible via any other way (ie. subdomain) and be HTTP ONLY.
Would the below work sufficiently?
setcookie($name, $value, $expiry, '/', 'www.example.com', false, true);
The syntax for a cookie in php is:
setcookie(name,value,expire,path,domain,secure,httponly)
So your example should work. http://www.w3schools.com/php/func_http_setcookie.asp is a great resource for all things PHP (or, for that matter, HTML, CSS, and SQL). http://php.net/ is a good source too.