Jump to content

Logout function, cookie isn't deleted

KingIsulgard

By KingIsulgard
in PHP Coding Help

 Share

Recommended Posts

KingIsulgard Newbie

KingIsulgard

Posted
Posted

Hi there, I am writing an authentication script with an class Authentication who checks if a user is logged in or not.

 

Everything works fine, logging in, checking if logged in, checking if there is a cookie TO log in when not yet logged in, and so on.

 

Except one thing. When logging out, I can destroy the sessions and the user gets logged out. But he logs in immediately again because somehow the cookie survived the logout script. This is very weird since I actually destroy the cookie in the logout function.

 

Can you please check it for me?

 

Here is a snippet of the code:

// Fucntion to log the user out
	public function logOut() {
		// Clear sessions
		unset($_SESSION["security"]);
		unset($_SESSION["loggedin"]);

		session_unset();     
    		        session_destroy(); 
    
		// Set the user status to not logged in
		$this->loggedIn = false;

		// Destroy cookie
		setcookie("BusinessgameRemember", "", time() - 60*60*24);	
	}

	// Function to create a new session
	public function createSession($securityCode) {
		session_start();								// Activate the use of sessions

		$_SESSION["loggedin"] = "true";
		$_SESSION["security"] = $securityCode;
	}		

	// Function to create a new cookie
	public function createCookie($securityCode) {
		// Set cookie
		setcookie("BusinessgameRemember", $securityCode, time() + 60*60*24*30);
	}

 

You can see the code that creates the sessions and the script which creates a cookie (both works fine). The logout function DOES destroy the sessions but not the cookie. Any hints? :s

Link to comment
Share on other sites
mattal999 Regular Member

mattal999

Posted
Posted

To set the cookie, you use:

 

setcookie("BusinessgameRemember", $securityCode, time() + 60*60*24*30);

 

Which is 1 month into the future. You then try and destroy it using this:

 

setcookie("BusinessgameRemember", "", time() - 60*60*24);

 

Which is only -1 DAY in the future. Should be 60*60*24*30.

Link to comment
Share on other sites
MisterWebz Newbie

MisterWebz

Posted
Posted

Well -1 day in the future means one day in the past, so it is already passed which means the cookie should get deleted.

 

It's not like I have to substracted a month from the cookies time. I just set a NEW time in the past.

No, -1 day means substracting 1 day off the amount of days the cookie has been set for.

 

If the cookie has been set for 2 days and you're substracting 1 day, then there's still 1 day left.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.