Standard PrestaShop Cookies

PrestaShop uses encrypted cookies to store all the session information, for visitors/clients as well as for employees/administrators.

Data stored in a visitor/client's cookie

Token Description
date_add The date and time the cookie was created (in YYYY-MM-DD HH:MM:SS format).
id_lang The ID of the selected language.
id_currency The ID of the selected currency.
last_visited_category The ID of the last visited category of product listings.
ajax_blockcart_display Whether the cart block is "expanded" or "collapsed".
viewed The IDs of recently viewed products as a comma-separated list.
id_wishlist The ID of the current wishlist displayed in the wishlist block.
checkedTOS Whether the "Terms of service" checkbox has been ticked (1 if it has and 0 if it hasn't)
id_connections The connection ID of the visitor's current session.
id_customer The customer ID of the visitor when logged in.
id_guest The guest ID of the visitor when not logged in.
customer_lastname The last name of the customer.
customer_firstname The first name of the customer.
logged Whether the customer is logged in.
passwd The MD5 hash of the _COOKIE_KEY_ in config / settings.inc.php and the password the customer used to log in.
email The email address that the customer used to log in.
id_cart The ID of the current cart displayed in the cart block.
checksum The Blowfish checksum used to determine whether the cookie has been modified by a third party. The customer will be logged out and the cookie deleted if the checksum doesn't match.

Data stored in an employee/administrator's cookie

Token Description
date_add The date and time the cookie was created (in YYYY-MM-DD HH:MM:SS format).
id_lang The ID of the selected language.
id_employee The ID of the employee.
lastname The last name of the employee.
firstname The first name of the employee
email The email address the employee used to log in.
profile The ID of the profile that determines which tabs the employee can access.
passwd The MD5 hash of the _COOKIE_KEY_ in config / settings.inc.php and the password the employee used to log in.
checksum The Blowfish checksum used to determine whether the cookie has been modified by a third party. If the checksum doesn't match, the customer will be logged out and the cookie is deleted .