benphp Posted June 1, 2012 Share Posted June 1, 2012 I set a cookie on page1.php: setcookie("wusername",$_REQUEST['wusername']); I have another page logout.php for logging out that kills the cookie and sends me to the login page. if (isset($_REQUEST['btnLogOut'])) { setcookie ("wusername", "", time() - 3600); header("Location: login.php"); } However, when I go to the login page, login.php, I have this: if (isset($_COOKIE['wusername'])) { $wusername = "Logged in as: " . $_COOKIE['wusername']; } Which does indeed retain my cookie and prints it. Why is my cookie not dying? Quote Link to comment Share on other sites More sharing options...
Barand Posted June 1, 2012 Share Posted June 1, 2012 if you close the browser then re-open, is it dead? Quote Link to comment Share on other sites More sharing options...
benphp Posted June 1, 2012 Author Share Posted June 1, 2012 No - the only way I can kill it is to delete all cookies. Quote Link to comment Share on other sites More sharing options...
cpd Posted June 2, 2012 Share Posted June 2, 2012 Cookies are destroyed by your browser, all setcookie does is sent a request to the browser to set the cookie - be it in the past or future. The browser then removes any expired cookies. Have you confirmed the setcookie(foo, bar, time-3600) is definitely being executed? I find it hard to believe your browser isn't functioning properly unless you've developed your own browser. Quote Link to comment Share on other sites More sharing options...
floridaflatlander Posted June 2, 2012 Share Posted June 2, 2012 What do you mean wont die? A couple of months ago I was doing some stuff with a cookie that would cease when the browser was closed and look and it was still present in name after I closed and reopened the browser however the cookie would not work on the site, it had expired. I can't remember which browser using. PS. open your browser and click the cookie name, it will tell you when it expires. If it is a past date or time it is no good, it's just listed in the browser waiting to be deleted. Quote Link to comment Share on other sites More sharing options...
cpd Posted June 2, 2012 Share Posted June 2, 2012 My point is you need to confirm your "re-setting" the cookie with an expiry time in the past. The browser may have a bug but like I previously said, I doubt it. Quote Link to comment Share on other sites More sharing options...
smoseley Posted June 2, 2012 Share Posted June 2, 2012 Could be a discrepancy between server time and browser time. One hour is hardly enough to account for timezones. Try 30 days instead: time() - (86400 * 30) Quote Link to comment Share on other sites More sharing options...
smoseley Posted June 2, 2012 Share Posted June 2, 2012 Actually, come to think of it... cookies are set via HTTP header... if you're redirecting in the same header, that might cause problems / confuse the browser. You may need to use a meta refresh instead to eliminate the race condition. Better idea would be to use your session to store login data instead of a cookie. It's a more secure solution anyway, as the value is stored on the server, and can't be hacked as easily. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.