Jump to content

[SOLVED] Deleting PHP cookies doesn't work


globex

Recommended Posts

This is really driving me nuts. I'm trying to learn PHP and building a simple user authentication page. I copied the code from a tutorial. Everything works great except the logout button. It doesn't seem to be deleting the cookies.

 

So I made a really quick test to see if deleting cookies works at all, and to my surprise it doesn't. The test has two pages: test.php and test2.php with this code in each:

 

test.php

<?php
setcookie('test', 'test', time() + 3600);
?>
<html>
<body>
<?php
echo "Cookie is set to: " . $_COOKIE['test'] . "<br/>";
echo "<a href=\"test2.php\">Delete Cookie</a>";
?>
</body>
</html>

 

and test2.php

<?php 
setcookie('test', '', time() - 3600);
echo "Cookie is set to: " . $_COOKIE['test'] . "<br/>";
echo "<a href=\"test.php\">Go Back</a>";
?>

 

Now, if I'm not mistaken. When you first load test.php it should say "Cookie is set to: test". But it doesn't. At first it shows nothing. If I refresh the page, then the cookie is set.

 

Then, when I press "Delete cookie". It should say, "Cookie is set to:". But it doesn't. It still says it's set to "test" until I refresh the page.

 

How is this possible? Is there no way to delete a cookie??? This is absurd. You can see the example here: http://www.naverniouk.com/design/poker/test.php

 

Already read through and tried this: http://www.phpfreaks.com/forums/index.php/topic,152557.0.html

It didn't help.

Link to comment
Share on other sites

When you set a cookie its contents are only available on a page reload as the cookie is set on the clients machine after the page loads. PHP can't load cookie data that doesn't exist yet. Same for deleting. PHP loads the cookie data before you can delete it so it will be available until a page reload.

Link to comment
Share on other sites

And set more time for your delete.

 

setcookie ('test','',time() -60*60*24*365,'/');

 

Setting the '/' stopped it from working at all. And changing the length of time had no effect.

 

Ok. So if it doesn't work without a refresh. Then there must be some other reason why I can't logout of my main site:

http://www.naverniouk.com/design/poker/index.php

 

User: test

Pass: test

 

Try to login and then press the "Logout" button. Nothing happens. Because the cookie is not deleted, so it automatically relogs back into the site.

 

My logout.php looks like this:

 

<?php
setcookie ('ID_my_site', "", time() - 3600);
setcookie ('Key_my_site', "", time() - 3600);
header("Location: http://www.naverniouk.com/design/poker/index.php");
?>

 

And index.php checks to see if "ID_my_site" isset or not. If it's set it will automatically go to portal.php. But the thing is, "logout.php" doesn't delete the cookie, so it stays set.

Link to comment
Share on other sites

How would I go about finding out what's wrong with it?

 

If I set it to "/design/poker/" instead of "/" it works fine.

 

*EDIT*

 

Setting

setcookie ('ID_my_site', "", time() - 3600, "/design/poker/");

from

setcookie ('ID_my_site', "", time() - 3600);

seems to have done the trick.

 

I wonder if someone can explain why I had to set the domain for it to work?

Link to comment
Share on other sites

Interesting. When I changed the code that sets the cookie to add the "/" domain, then I had to change the cookie deletion domain to "/".

 

But for record keeping sake - simply having

setcookie ('ID_my_site', "", time() - 3600);

 

Does not work no matter what. I'm assuming it will only work if you're running your script in the root of your website. If you're not, you MUST set the domains for creating and deleting cookies.

 

Thanks a lot. Solved.

 

Link to comment
Share on other sites

Your assumption is right, because you are not telling it to go across the whole domain, just the tree that it's set from.

 

You should really set it for more time though, if someone's clock is off, it wont delete the cookie.

 

 

Does not work no matter what. I'm assuming it will only work if you're running your script in the root of your website. If you're not, you MUST set the domains for creating and deleting cookies.

 

Thanks a lot. Solved.

 

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.