PHP Destroy cookie?

[jamesbrauman]

I've got something really weird going on. On my computer (localhost, apache web server), setting and my cookies works fine. However, when I put it up on the net, setting cookies works but destroying cookies doesn't. 

 

Code for setting cookies:

function user_login($username, $md5password) {
	setcookie("username", $username, strtotime("+90 days"), "/");
	setcookie("md5password", $md5password, strtotime("+90 days"), "/");
}

Code for logging the user out (doesnt work on web server, does on local server):

//Logs a user out.
function user_logout() {
	setcookie("username", "", 1);
	setcookie("md5password", "", 1);
}

 

What is going on?  ???

[jamesbrauman]

Don't worry. The code I have for checking if someone is logged in validates the cookie username and md5 password, so for logging out I just set the cookies as such:

function user_logout() {
	setcookie("username", "", strtotime("+90 days"), "/");
	setcookie("md5password", "", strtotime("+90 days"), "/");
}

 

Thanks.

[PFMaBiSmAd]

It is likely you have a header problem on the page that calls the logout function. Add the following two lines after your <?php tag -

 

ini_set ("display_errors", "1");
error_reporting(E_ALL);

[jamesbrauman]

It is likely you have a header problem on the page that calls the logout function. Add the following two lines after your <?php tag -

 

ini_set ("display_errors", "1");
error_reporting(E_ALL);

 

This code if for logout.php - I didnt add the code you suggested as the code for logout page is only very small.

<?php
include "../construct.php";
user_logout();
header("Location: ../index.php");
exit();
?>

[JasonLewis]

Still add those lines, and remove the header redirect so that you can see the errors that may be outputted.

[jamesbrauman]

Still add those lines, and remove the header redirect so that you can see the errors that may be outputted.

 

Ok, added those lines so that logout.php looks like this:

<?php
ini_set ("display_errors", "1");
error_reporting(E_ALL);
include "../construct.php";
user_logout();
//header("Location: ../index.php");
exit();
?>

 

Thought I had fixed the problem before, but it is still there. When I access logout.php on my webserver (which is where user_logout() is not working) no errors are outputted, even with that code.

[JasonLewis]

Wait you want to logout, so shouldn't it be -90 days and not +90 days. Because to destroy cookies you need to set a date in the past.

 

When deleting a cookie you should assure that the expiration date is in the past.

[jamesbrauman]

Wait you want to logout, so shouldn't it be -90 days and not +90 days. Because to destroy cookies you need to set a date in the past.

 

When deleting a cookie you should assure that the expiration date is in the past.

 

Yes, I was originally trying to delete them like this:

setcookie("username", "", 1, "/");
setcookie("md5password", "", 1, "/");

 

However that wasn't working so thats when I decided to try to set the value to a blank string, but in the future.

[PFMaBiSmAd]

If you have code that is working on one server but not another, don't randomly start changing the code, find out why it is not working on a specific server first.