Is this the right way to set a cookie?

// if login is ok then we add a cookie

         $_POST['user_name'] = stripslashes($_POST['user_name']); 

          $hour = time() + 3600; 

             setcookie(ID_my_site, $_POST['user_name'], $hour); 

            setcookie(Key_开发者_Go百科my_site, $_POST['password'], $hour);   

Is this a right way to set cookies? Its been causing me serious redirect errors. See here: PHP Redirect problem with subdomain

No, strings need to be quoted (use error_reporting(E_ALL); to get warnings about bad things like unquoted strings).

setcookie('ID_my_site', $_POST['user_name'], $hour);
setcookie('Key_my_site', $_POST['password'], $hour);

Besides that, if you have to apply stripslashes() to your GPC data, your server configuration is horrible. magic_quotes_gpc should be disabled. Also, only use stripslashes if get_magic_quotes_gpc() is true. Otherwise you must not use stripslashes on GPC data.

Additionally, storing plaintext passwords in cookies is an extremely bad thing! While browsers usually encrypt stored passwords, cookies are not encrypted.

Also, bear in mind that setting a cookie will not work if your script has done an output to the browser. So if you get a warning from a PHP line of code, the cookie won't be set. The following line can easily generate a warning:

$_POST['user_name'] = stripslashes($_POST['user_name']); 

Make sure you check if the key exists in the $_POST array.

if (array_key_exists('user_name', $_POST))