This started as a quick update to the CookieMonster WordPress plugin to allow default values.
It has morphed into a nearly complete re-write to add more functionality than the original.

CookieMonster-plus takes incoming parameters like and puts the values in a cookie so that WordPress can then replace DefaultValue with the value passed (and cookied) within any page or post they may visit.

You can change the value of the example parameter as passed to this page and watch this page update here: (DefaultValue = DefaultValue).

CM+ will also let you specify a default value in the control panel rather than just leaving it blank if example isn't set in the URL or cookie.

CookieMonster-plus Options screen

This was inspired by a call for competency from Paul Myers in his Talkbiz News email newsletter. He mentioned how nicely CM would complement his new product "The Email Affiliate System" and suggested a nice twist possible for affiliates if the plugin allowed a default value. So, I wrote it into CM.

Since then, several things have changed. Because of this plugin, Paul changed "The Email Affiliate System" to "The BEAST" (Blog and Email Affiliate SysTem, in case you missed it at first).

Fall 2015, WordPress changed the way they processed shortcodes that happen to modify HTML tags. This broke one of the main ways that CM+ has been used: to pre-fill form fields based on previous interactions with the site visitor. My friend and client Phil Pustejovsky got in touch after he finally tracked down the source of his conversion rates dropping and narrowing it down to CM+ not filling in forms after the WP update to 4.2.3.

“Cookie Monster Plus has consistently increased conversions by 10% over a period of 4 years. It is incredibly helpful and solves a huge issue that no other WordPress plugin does.” – Phil Pustejovsky, Freedom Mentor

In order to help make the transition from the old, easy way to the slightly convoluted method now needed "for security," I created a quick translation tool that is javascript running in your browser (the only thing I record is how often the "Translate" button gets clicked, none of your data goes anywhere). Since WP strips too many things, click here to use the translation tool.

Whether you use the tool or manually update your code, you'll need to grab the whole <input type="text" /> or whatever the HTML tag happens to be and feed it to a new shortcode in the form [cmp_tag "before" cookiename "after"].

E.g. going from this:

<input name="email" type="email" class="moonray-form-input" id="mr-field-element-284" required value="[email]" placeholder/>


[cmp_tag "input name='email' type='email' class='moonray-form-input' id='mr-field-element-284' required value='" email "' placeholder"]

The things to note:

  • replace the whole tag (e.g. <input type="text" />) with the shortcode,
  • drop the < and /> around the tag,
  • replace the angle brackets with [cmp_tag and ],
  • put each half in double quotes*, and
  • put just the cookie name by itself where you used to use [cookiename].

*Of course, WP doesn't do the right thing with single quotes around shortcode parameter values, which means you have to swap all the double quotes in the original tag for single quotes -- because HTML doesn't care which you use, as long as they match at the beginning and end of any given string.

Three new caveats with 1.3.13's ability to work with ampersands in the "before" or "after" portions of the [cmp_tag] shortcode:

  1. If you switch back to the Visual editor after making the appropriate changes in the Text editor, WordPress will be "helpful" and change them from & to &amp; and break things again.
  2. Using this now turns off "smart quotes" and other things that wptexturize() does to the things we type. Most people will never notice the difference. This note is for those who do notice and may have issue with that.
  3. You can only put one cookie value into a given HTML tag. This becomes more of a potential issue in this use case where you might want to pass along a name and email as it passes from one site to another. Since the primary use case I'm aware of for this feature is to pass an affiliate ID, I think it is a fair solution until I process through all the potential implications of my next solution.



Download the CookieMonster-plus plugin (ver 1.3.13)
If you'd like to be notified of updates to this plugin and hear about other projects please enter your name and email and click "Send Me Updates".

Change log

20150904: v.1.3.13
	allow arbitrary HTML in "before" and "after" parameters, but not cookies
20150830: v.1.3.12
	updated for WP 4.3
	revert [cmp-hidden] in favor of more general use <"before",after/>
20150727: v.1.3.11
	revert v.1.3.10 redirects
	added [cmp-hidden] shortcode after WP 4.2.3 changed shortcode behavior
20130901: v.1.3.10
	Add redirect if unset values
	Possibly adding default values as CF7 placeholders
20130831: v.1.3.9
	Updating for WP 3.6 / CF7 3.5.2 compatibility
20121109: v.1.3.8
	Fixed the cookie duration display (was always set, only displayed immediately after saving)
20121030: v.1.3.7
	Added ability to set cookies from $_POST also
20110530: v.1.3.6
	Added CF7 shortcodes text+,text*+,email+,email*+ to pull values from cookies or get values
	[TODO: do the same with hidden fields module?]
20110310: v.1.3.5
	Added cookie duration to config options
20101201: v.1.3.4
	Found and squashed that pesky "Invalid argument supplied for foreach()" bug
	Made shortcodes show up on templated pages that didn't use get_header()
20101004: v.1.3.3 
	*** All parameter/cookie names will need to be re-entered if you upgrade from 1.2.X ***
	*** (This should be the last time that is needed barring another major re-write.)   ***
	Added option prefix CMp_ to avoid option name space collisions
20101001: v.1.3.2
	Added function name prefix CMp_ to avoid name space collisions
20100930: v.1.3.1
	Unbroke cookie setting code from refactoring (Oops)
20100929: v.1.3 !! Not backward compatible with 1.2.X !!
	*** All parameter/cookie names will need to be re-entered if you upgrade from 1.2.X ***
	Changed options format to allow blank options to just disappear
20100928: v1.2.2
	Verboten list -- avoid WP reserved names that may break the page (404, etc)
	Turn on shortcodes in widgets [and titles?]
	Wrap short codes in <p> tags with wpautop()
20100927: v1.2.1
	Encode HTML special characters in variables before displaying (to deter malicious code injection)
20100926: v1.2
	Added default values
	Cleaned up original CookieMonster code
	Now allows for more than 4 parameters
	Added "Settings" link to plugin admin screen

Thanks for downloading!

If you'd like to be notified of updates to
this plugin and hear about other projects
please enter your name and email and
click "Send Me Updates".

34 thoughts on “CookieMonster-plus”

    • You’re most welcome Wallace.

      If you need any technical help, drop me a support ticket and we’ll work something out.

  1. I down loaded the program and when I tried to open it.. Windows said ” it had to know what program created it” I tried the usual stuff too open it but no luck.. Can you please send me the name of the program that you used to create it and where I can get it.. Thanks Bernie

    • Bernie,

      Rather than opening the .zip or .php file on Windows you’ll want to install it into your WordPress installation.
      The .zip should install directly from the WP dashboard, or you can FTP the .php contents of the .zip file to your wp-content/plugins/ folder on your web server.

      If you have any other trouble, open a support ticket and we’ll work out a solution for you.

  2. Is there any modification to the download you can suggest if you wish to use a program like this, except in a regular website that doesnt use a cms?

    I would think there are many out there who have been looking for something like that.

    • Tom, that’s what Paul’s Email Affiliate System originally covered. He has code and examples in there to walk you through the process of doing this same thing on pages that are not part of WordPress or any other CMS.

      When he integrated what I did with this plugin he expanded that product to cover the blog integration as well.

      You could hire someone like myself to create the code for you or grab Paul’s product and get the code, non-techie explanation of how to use it, and a bunch of good marketing lessons. Or use WordPress.

      Thanks for asking. I knew the history of the code, so I wouldn’t have thought to clarify that point if you hadn’t asked!

  3. Did you ever get around to the ToDo list of adding an option for cookie duration?
    Is there a clean way to reference the cookie value in a template file? I don’t want to print it (I could use do_shortcode), but I want to use the value of the cookie in an if statement. I guess that means I just use $x=do_shortcode(‘[myvar]’); or something like that?

    • Joy,

      I have a version almost ready to release with the cookie duration. (Just want to test it a bit more.)

      I’ll answer the other part when I’ve had a chance to revisit the code and see what makes sense.


    • Hi Joy, I just posted the latest version of CM+ and the cookie duration seems to be working stably.

      As far as using the cookie value in a template, you can either use the snippet you suggested, or just get the value straight from the cookie like the plugin does: $_COOKIE[‘myvar’].


  4. Hi Wayne,

    Thank you for your work on this.

    I just discovered that great plugin has been stripping the shortcode and other plugins haven’t been working as a result.

    Has anyone else had this problem? Any suggestions for resolving this?


    • Dov,

      I just found that my reply didn’t post — how can Akismet think *my* comments on *my* blog from the dashboard are spam?!
      (Gotta love technology! 😉 )

      I have only heard of the short code thing happening once before and in the process of troubleshooting the issue with the individual it resolved itself. I believe that disabling CM+ and the other plugin and reenabling them resolved it. Without more details I can’t suggest more than that.

      If you’d like to open a ticket at the support desk, I’ll see what I can do.


      • Thanks, Wayne.

        In addition to Askimet labeling your comment spam, I didn’t get notified of this reply, so I just found out about it today when I got an email about the comment below re the update.

        Again, thanks a lot. I’ll let you know if it works.


  5. Hey folks,

    Question about kiosk-style usage: I’m going to use this to capture user info from a vendor, keep it for the session, and send it back to the vendor with an “Everything’s Cool!” code (if the user does everything successfully and we get that far).

    I’m wondering if you can foresee any oddities that might happen if the same workstation is used throughout the day for multiple users. I’d assume that a new link, with new parameters, would overwrite the existing cookie’s data and therefore expand to those new values when the shortcode is called; but what would happen if someone borks the original URL, or follows an old link from History, or otherwise jumps into the middle of the process?

    I have the cookie set to expire after 1 day which seems like the minimum. I’m not sure even a session expiry would help, as the browser on the kiosk is likely to stay open.

    I’ve set the kiosk’s browser to keep no history or info beyond, of course, cookies. The info itself is not terribly sensitive either; still, if there’s a good way to explicitly wipe the cookie once we reach the “success!” page, that would be awesome.


  6. Rob,

    I don’t understand what you’d want cookies for in the case you described. Cookies are for keeping data across sessions, i.e. from one visit today to the next in a week.

    If you have everything happening at once, there’s no need for cookies. You can just pass the variables from one page to the next.

    It sounds like you’d just like a form that collects data. If so, I’d recommend Contact Form 7 and the Contact Form to DB plugins in the WP plugin repository. Then you can use the CF7 form editor to create whatever you need to collect the data and it will email the results as well as saving them to the database.

    As far as clearing the previous data, I would just set the browser to not store any form data and set the page to serve up as non-caching.

    If you need help getting that set up, open a ticket at the support desk and we’ll see what we can work out.

    Good luck!

  7. Hello,
    I trying to use your cookmonster plug-in and it works great on page urls, but I can’t get it to work on my menu with the permalinks. Is there anything else I must do for permalinks?

    Thanks for your time and the plug-in.


    • Hi Mac,

      I have a suspicion that you’re beyond the boundaries of where I’d envisioned it being used, but drop a line on the help desk with more details and I’ll see what I can do to help.

      It sounds like you’re wanting to use the cookie data in menu items. That might be possible, but if you’re staying on your site, the cookie is still accessible from other pages so you don’t need to pass it along in every link. If you’re sending them offsite from the menu item, then, yes, you might need it to parse into the link.


  8. Ok, here’s the deal. It’s either a bug or a WAD (Working As Designed).

    If you use the “built-in” menu in a sub-theme (say Wheat) that comes with Weaver ii Pro, for some reason it clears all of the session and cookie data when you click on a menu item to go to another page. If you build a custom menu and replace it, Cookie Monster-Plus works as advertized on all the links and the menu items, and the session and cookie data is not clear when you change pages.


    “The only source of knowledge is experience.” -Albert Einstein

  9. Is there anyway you can provide functionality to prevent overwriting previous cookies?
    I have an affiliate program and would like to give the original referring affiliate credit for the sale. As of right now every time I click a new affiliate link, the original cookie is overwritten with the new affiliate’s user id. Great job with the plugin itself, it works flawlessly as it stands right now!

    • Eric, my apologies for not replying sooner (it’s been crazy).

      I will add an option in the next version for first-cookie versus last-cookie.

      Thanks for the suggestion!

  10. It seems as though on most computers the cookie does not set anymore … the cookie works on the original page … but when you surf to other pages it goes back to the default
    I can’t understand why, I have other website where it works fine…but in this one I’m having this problem..
    I really need a solution please
    Thanks in advance

    • Pedro,

      I can’t really help if you can’t tell me under what specific circumstances you are having troubles.
      Is it different computers, different pages, or different websites?

      If you are still needing help, open a ticket on the help desk with details.


      –Dr. Wayne


Leave a Comment