Jump to content

Recommended Posts

hya, ive given a link from my index page to a pgave i call logout.php

in that page i have the following code:

 

<?php 
if (isset($_COOKIE['User_Id'])){

setcookie('User_Id', "" ,time()-3600);
setcookie('UserName',  "" ,time()-3600);	
echo "cookies has been deleted";
   
}
else {echo 'you are not loged in' ;}


?>

 

i get the 'echo "cookies has been deleted";'

msg but the cookies are not dellted, any ides ?

Link to comment
https://forums.phpfreaks.com/topic/245787-cant-delete-cookies/
Share on other sites

according to the php manual:

Cookies will not become visible until the next loading of a page that the cookie should be visible for. To test if a cookie was successfully set, check for the cookie on a next loading page before the cookie expires. Expire time is set via the expire parameter. A nice way to debug the existence of cookies is by simply calling print_r($_COOKIE);.
so if you're checking if they were deleted on the same page, they probably aren't yet. At the end of your logout.php, redirect to another page and check the cookie again with something like this: (just to be sure if it's deleting or not)

 

foreach($_COOKIE as $k=>$v){
echo 'Cookie <b>'.$k.'</b> still exists with value: '.$v.'<br />';
}

Link to comment
https://forums.phpfreaks.com/topic/245787-cant-delete-cookies/#findComment-1262409
Share on other sites

allready tried thay, hed a

 

$home_url = 'http://' .$_SERVER['HTTP_HOST'] . '/index.php';

		header('Location: ' . $home_url)  ;

 

in the same page

and my index chacks to see wheter a cookie is in place

if not it asks to log in

if yes is says 'wellcome "username" '

 

and i get the wellcome msg

 

 

Link to comment
https://forums.phpfreaks.com/topic/245787-cant-delete-cookies/#findComment-1262411
Share on other sites

What is the code that is setting the cookies? The code that is 'deleting' the cookie must use the same parameters as when the cookie was set? What is the code that is testing for the cookie and displaying the - 'welcome "username" ' message? It might have a logic error in it.

 

Also, it is not safe to set cookies with 'simple' and easy to guess values, because anyone can change the value in a cookie and could impersonate any of your site members.

 

 

 

Link to comment
https://forums.phpfreaks.com/topic/245787-cant-delete-cookies/#findComment-1262413
Share on other sites

What is the code that is setting the cookies? The code that is 'deleting' the cookie must use the same parameters as when the cookie was set? What is the code that is testing for the cookie and displaying the - 'welcome "username" ' message? It might have a logic error in it.

 

Also, it is not safe to set cookies with 'simple' and easy to guess values, because anyone can change the value in a cookie and could impersonate any of your site members.

 

the code that seting the cookies is

			$row = mysqli_fetch_array($data);
		setcookie('User_Id', $row['user_id'],time() +(60 * 60 * 1));
		setcookie('UserName', $row['username'],time() +(60 * 60 * 1));

 

the code that displying the welcome and log in is a if else statment, and i know that the cookies are not being deleted bcus i chack in firefox "delete coockies by site " option and after delete them via firefox i get the plz plgin msg

 

here is the intire login page (some stuff maybe in hebrew plz ignore):

<?php 
require_once('db_login.php');

//the error massged

$Login_error = "" ;
//chacck if looged in, else check if trying to login
if (!isset($_COOKIE['User_Id'])){
  if (isset($_POST['submit'])){
  //connect to db
       $connection = mysqli_connect($db_host, $db_username, $db_password, $db_database) or die ('damn');
   
   //grabing user enterd details
   $user_username = mysqli_real_escape_string($connection, trim($_POST['UserName']));
   $user_password = mysqli_real_escape_string($connection, trim($_POST['password']));
   
   if (!empty($user_username) && !empty($user_password)){
   $query = "SELECT username, user_id FROM users WHERE username = '$user_username' AND ".
   "password = '$user_password'";
   $data = mysqli_query($connection, $query);
   echo mysqli_num_rows($data);
      if(mysqli_num_rows($data) == 1){
		 $Login_error ="yay";
		//user name and pass are ok
		$LoginDate = date('j\.n\.Y \בשעה H\:i') ;
		$row = mysqli_fetch_array($data);
		setcookie('User_Id', $row['user_id'],time() +(60 * 60 * 1));
		setcookie('UserName', $row['username'],time() +(60 * 60 * 1));

		$home_url = 'http://' .$_SERVER['HTTP_HOST'] . '/index.php';

		header('Location: ' . $home_url)  ;
	  }
	    else{
		//worng username AND\OR password
		$Login_error ="שם המשתמש או הסיסמא לא נכונים";	
		}
   }
     else{
		 //no username and'or password were enterd
		 $Login_error = "לא הכנסת שם משתמש וסיסמה";
		 }

  }

}

?>

<?php
//if the cookie is empty show errormsg and form
if(empty($_COOKIE['User_Id']))
{ echo $Login_error ;

?>
<script type="text/javascript" >
               $(document).ready(function () {
                   $("#login").ready(function () {
                       $("#login").slideDown('slow');

                   });

               });


</script>
<div id="login" style="background-color:#09C;border:1px solid; width:100%; height:25px; display:none; margin-bottom:5px;">
         
         לא חבר באתר?
            <a href="/Register.php"><span style="color:#9C3; font-style:oblique;">הרשם</span></a>
            עכשיו!
          
            <form style="float:right" method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>">
            
      <label>
   שם משתמש: <input type="text" id="UserName" name="UserName"/>
      </label>      
            

            
      <label>
   סיסמה: <input type="password" id="password"  name="password"/>
      </label>      
      
      <input type="submit" name="submit" value="התחבר" />
      
       
            </form>
  
                 
</div>

<?php } 
else{ 
?>
<script type="text/javascript" >
               $(document).ready(function () {
                   $("#login").ready(function () {
                       $("#login").slideDown('slow');

                   });

               });


</script>

<div id="login" style="background-color:#09C;border:1px solid; width:100%; height:25px; display:none; margin-bottom:5px;">
         
שלום 
  <?php echo $_COOKIE['UserName']; ?>  
התחברתה לאחרונה ב

לחץ  
<a href="Core/LogOut.php">כאן</a>
על מנת להיתנתק
          
  
  
                 
</div>

<?php }?>

 

 

and the intire logout page:

 

<?php 
if (isset($_COOKIE['User_Id'])){

setcookie('User_Id', "" ,time()-3600);
setcookie('UserName',  "" ,time()-3600);	
   
}
$home_url = 'http://' .$_SERVER['HTTP_HOST'] . '/index.php';

		header('Location: ' . $home_url)  ;

?>

 

Link to comment
https://forums.phpfreaks.com/topic/245787-cant-delete-cookies/#findComment-1262433
Share on other sites

<a href="Core/LogOut.php">כאן</a>

 

Your logout page is at a different path than your login code and you are not setting the cookie with a '/' as the 4th parameter, so 1) The cookie only matches the path where it was set and 2) the path where you are trying to delete the cookie is not the same as where it was set.

 

Use the '/' as the 4th parameter in all your setcookie() statements so that the cookie will match all paths under your domain -

 

setcookie('User_Id', $row['user_id'],time() +(60 * 60 * 1), '/');

 

setcookie('User_Id', "" ,time()-3600, '/');

 

And as already stated, setting simple user id and username values in cookies is easy for anyone to guess and find values that work, such as your user id and your user name.

 

 

Link to comment
https://forums.phpfreaks.com/topic/245787-cant-delete-cookies/#findComment-1262451
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.