tork Posted October 26, 2013 Share Posted October 26, 2013 Here's my original script: session_name('2010'); // to name the session session_start(); // 2010 session starts - either found or created Firebug shows the correct session cookie: 2010 and expiry data Script changed to: session_name('2013'); // to name the session session_start(); // 2013 session should cause the 2013 session cookie to be createdsetcookie(session_name('2010'), '', time()-3600, '/', '.site.com'); // old session cookie 2010 should be deleted Firebug still shows the 2010 session cookie and not the 2013 session cookie: 2010 and expiry data - no change to expiry data or cookie name. How can I delete the 2010 session cookie and create the new 2013 session cookie? Quote Link to comment Share on other sites More sharing options...
tork Posted October 26, 2013 Author Share Posted October 26, 2013 And .. php.ini has the following parameters set: ; http://php.net/session.use-only-cookiessession.use_only_cookies = 1 ; http://php.net/session.namesession.name = PHPSESSION ; http://php.net/session.cookie-lifetimesession.cookie_lifetime = 30 Quote Link to comment Share on other sites More sharing options...
mentalist Posted October 26, 2013 Share Posted October 26, 2013 ??? http://stackoverflow.com/questions/3989347/php-why-cant-i-get-rid-of-this-session-id-cookie Quote Link to comment Share on other sites More sharing options...
tork Posted October 27, 2013 Author Share Posted October 27, 2013 I'm not sure what you're trying to say. If I use session_delete(), it will have to come after the session_start() and will delete the new session. The cookies are all session cookies and were not set using setcookie. Can you explain what you mean please? Quote Link to comment Share on other sites More sharing options...
mentalist Posted October 27, 2013 Share Posted October 27, 2013 The necessity to provide exactly the same parameters except time and to try using session_get_cookie_params() as in the example shown on that page... Quote Link to comment Share on other sites More sharing options...
tork Posted October 27, 2013 Author Share Posted October 27, 2013 I wrote the following into my script, as per your reference: $params = session_get_cookie_params();setcookie(session_name(), '', 0, $params['path'], $params['domain'], $params['secure'], isset($params['httponly'])); However, the cookies weren't deleted until I changed the php.ini parameter ; http://php.net/session.name to the session_name of the session cookie that I believe I had created it with. I was trying to delete it with the session.name PHPSESSION in php.ini. Is this what you expected, mentalist? Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted October 27, 2013 Share Posted October 27, 2013 Dont use setcookie() to affect the actual session cookie. If you want to rename the session cookie use session_name() before you call session_start(). If you want to stop the session call session_destroy(). You cannot delete the cookie, you can only make it invalid. If the session is destroyed any session values are also cleared. Quote Link to comment Share on other sites More sharing options...
tork Posted October 27, 2013 Author Share Posted October 27, 2013 Thanks Ch0cu3r. So what I've done to stop the current cookie and start a newly named one follows. Is this correct? What actaully removes the old cookies? (I'm thinking they could accumulate to whatever max is allowed in the browser). // Identify the session that needs destroyed (if it is not identified, then the default session name in php.ini will be used - eg PHPSESSION)session_name('2011');// Start the previous session - a new session id will be generated if the current one has expiredsession_start();// Destroy the previous session - the 'destroy' doesn't remove the cookie, but simply makes the cookie invalid, and removes all session values and stops the sessionsession_destroy();// Now a new session name is givensession_name('2012');// And the new session beginssession_start();// Never use setcookie with session cookies Quote Link to comment Share on other sites More sharing options...
objnoob Posted October 27, 2013 Share Posted October 27, 2013 You can use setcookie to set any cookie, including a session cookie as long as no output has already been started and sent to the browser. To modify an existing cookie, you need to make sure you use the same cookie parameters NAME, PATH, DOMAIN, SECURE, HTTP ONLY that were used to create the cookie in the first place. Using 0 as the expiration time for cookie, sets the cookie to expire when the browser windows are closed. If you want to delete the cookie before then, you should set the cookie time to expire using a time less then current time. time()-3600 will set the expiration time to an hour ago, which means the cookie is expired and will be deleted by browser on the spot. setcookie(session_name(), '', time()-3600, $params['path'], $params['domain'], $params['secure'], isset($params['httponly'])); Quote Link to comment Share on other sites More sharing options...
Solution tork Posted October 28, 2013 Author Solution Share Posted October 28, 2013 I appreciate your help, guys. Now it all makes sense. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.