[SOLVED] Can't remove cookies on logout.

[Scooby08]

I have a simple user/login with remember me feature and everything seems to work except for when I log it, I believe it is supposed to remove the cookies, but I'm really not too sure if that is correct..  Need advice..

 

I create the cookies like so:

 

<?php
setcookie("TestCookie[txt_user_name]", $txt_user_name, time() + 3600);
setcookie("TestCookie[txt_user_password]", $txt_user_password, time() + 3600);
?>

 

My cookies array is like so:

 

Array
(
    [TestCookie] => Array
        (
            [txt_user_name] => admin
            [txt_user_password] => admin
        )

    [phpSESSID] => 04m88l0st6c327njr3apu4fa16
)

 

Then for my logout code I am using this code:

 

<?php
session_unset();
session_destroy();

if (isset($_COOKIE['TestCookie'])) {
$time = time();
setcookie("TestCookie[txt_user_name]", $time - 3600);
setcookie("TestCookie[txt_user_password]", $time - 3600);
}
?>

 

Is this correct?? And if so, what is supposed to be happening?? I would assume that if I logged out I would then be directed to the login form, but this is not happening.. It always stays logged in..

[ranjuvs]

it should be

 

setcookie("TestCookie[txt_user_name]","", $time - 3600);
setcookie("TestCookie[txt_user_password]","", $time - 3600);

[Scooby08]

Yes that seems like it should work perfectly, but I'm still having no luck.. Is there anything else I could try to delete these cookies with??

[ranjuvs]

try this. TestCookie[txt_user_name] is a variable right?

 

etcookie(TestCookie[txt_user_name], $txt_user_name, time() + 3600);
setcookie(TestCookie[txt_user_password], $txt_user_password, time() + 3600);
[code]
[code]
setcookie(TestCookie[txt_user_name],"", $time - 3600);
setcookie(TestCookie[txt_user_password],"", $time - 3600);
[code]

[/code][/code][/code]

[Scooby08]

Damn!  haha..  That gives me error.

 

Parse error: syntax error, unexpected '[' in /home/content/...

[ranjuvs]

missing '$' sign

 

setcookie($TestCookie[txt_user_name], $txt_user_name, time() + 3600);
setcookie($TestCookie[txt_user_password], $txt_user_password, time() + 3600);

and 

setcookie($TestCookie[txt_user_name],"", $time - 3600);
setcookie($TestCookie[txt_user_password],"", $time - 3600);

[Scooby08]

Well I finally got something to work.. I had to add a slash and my domain name to the cookies like so:

 

<?php
/*SET COOKIE*/
setcookie("TestCookie[txt_user_name]", $txt_user_name, time() + 3600, "/", "domain_name.com");
setcookie("TestCookie[txt_user_password]", $txt_user_password, time() + 3600, "/", "domain_name.com");

/*EXPIRE COOKIE*/
setcookie("TestCookie[txt_user_name]", "", time() - 3600, "/", "domain_name.com");
setcookie("TestCookie[txt_user_password]", "", time() - 3600, "/", "domain_name.com");
?>

[PFMaBiSmAd]

Relying on deleting cookies or deleting the session id cookie to log someone out is pointless and is a waste of processor time and bandwidth to delete them. Anyone can make a copy of a cookie and put it back after you delete it.

 

To log someone out, you should only rely on data stored on your server, such as a "logged in" column in your user table in a database.