You really don't need to save anything in a cookie for this.

You can just pass on what the use has put in the form in the HTTP POST or GET and populate the form with this for the user.

It easiest if you use the same PHP script both for generating the form and processing the form. That way you don't have to pass your form fields via HTTP twice.

Simple example: (pseudo code)

[php]

$is_generate = false;

if (/* some validation failed */) {

$is_generate = true;
}

if ($is_generate) { // generate form

echo '';
echo '';

echo '... etc. etc..';
echo '';

} else { // process form

}

// your variable cleansing funtion
function clean($var) {
// do some sanitizing
return $clean_var;
}

[/php]

NOtice the line:

[php]
echo '';[/php]

Ive set the value="" to the HTTP POST param "foo" since that is what was passed last time the form was filled...

Edit:
The reason I have clean() function there is just to note that if you are going to print anything sent by the user, back to the browser, you will have to clean your variables with your own custom function.

usually to prevent cross-site scripting.. XSS.

Withought that lil bit it would look something like:

[php]
echo '';[/php]