all cookies when resetting, or before saving new cookies if (isset($_REQUEST["reset"])) { // Removing isset($_REQUEST["save"])) fixes the problem that settings don't "stick" if you want it, that you receive source code form), and must require no special password