Page 1 of 1

HELP ME EAT A COOKIE!! PLZ!!

Posted: Sat Oct 09, 2004 8:20 am
by sakaveli
hi ppl,

im having real strange problems managing my cookies, i se cookies to identify users who log on to my website, when the user presses logout a function is called which should unset the cookie. This worked when i was runing my machine off a localhost but since i have moved it on to a server there seems to be a problem. now either the system does not log the off or sometimes it randomly does!! ive tried making the cookie time invalid by a longer period etc. but doesnt seem to work!

heres my code for logging out (its a online car website thus car cookie details are unset):

Code: Select all

<?php
if ($page == "logout") {

	    //! possible issue here.  Seeing users still logged in after pressing logout.

		//! Instead of deleting cookie, going to try setting it to an incorrect value.

		$cookietime2 = time()-60*-60*-24*-30;

		setcookie("passhash","0",$cookietime2);

		setcookie("userid","0",$cookietime2);

		setcookie("manufacturer");

		setcookie("series");

		setcookie("model");

		setcookie("year");

		$_COOKIE["passhash"] = "0";

		$_COOKIE["userid"] = "0";

		$_COOKIE["manufacturer"] = "";

		$_COOKIE["series"] = "";

		$_COOKIE["model"] = "";

		$_COOKIE["year"] = "";
		unset($_COOKIE["userid"]);

		echo "<center>Logged Out Successfully!</center>";

		die ("<meta http-equiv="refresh" content="1;URL=index.php">");
?>
if i physically delete the cookie using the IE "delete cookies" then the user logs off so the problem MUST be tis function. is there anyway i can command php to delete that specific cookie?

ps. im a bit of a newbie guys so pleae explain thing throughly, thank you in advance to thoe who try to help.

sak

Posted: Sat Oct 09, 2004 8:29 am
by John Cartwright
your setcookies are wrong

bool setcookie ( string name [, string value [, int expire [, string path [, string domain [, bool secure]]]]])
to make the cookie invalid, you can set the cookies time to an expired time.

Posted: Sat Oct 09, 2004 9:02 am
by sakaveli
thanks for your reply..

i thought i was settin te cookie to an invalid time by doing this:

$cookietime2 = time()-60*-60*-24*-30;

could you please substitute my cooie details in your sollution so i know what to type, sorry but im a self taught newbie!
sak

Posted: Sat Oct 09, 2004 9:31 am
by feyd
good grief that's a lot of cookies.

Code: Select all

setcookie("yourcookiename", "", time() - 60 * 60 * 24 * 30);
is the general way to destroy a cookie.

Do not set anything into that cookie through $_COOKIE, or you'll set it again, I believe. Do note that the cookie settings you use with setcookie (path, domain, secure) must match the original cookie's. So if you set the cookie in another folder or subdomain, you'll have to match them for the cookie to properly destroy.

final note: please don't use caps over your topic title. It doesn't help motivate us much to help.

Posted: Sat Oct 09, 2004 10:01 am
by sakaveli
hey feyd thanks for your reply, will try it an hour or so when i get home. but im confused as to what
Do note that the cookie settings you use with setcookie (path, domain, secure) must match the original cookie's

means?

could you break that down in to bite size portions please?

sorry for lack of knowledge!

Posted: Sat Oct 09, 2004 10:10 am
by feyd
url: http://blah.com/foo/index.php

Code: Select all

// ......
setcookie("hi","test");
// ......
the header sent is basically:

Code: Select all

Set-Cookie: hi=test; path=/foo; domain=blah.com;
now, if your cookie delete is here:
http://blah.com/bar/cookie.php

Code: Select all

// .........
setcookie("hi","",time() - 600000);
// ........
the header sent is basically:

Code: Select all

Set-Cookie: hi=; expires=78219872; path=/bar; domain=blah.com
notice how path doesn't match. They are different cookies.

Same sort of thing goes for domains. http://www.blah.com and blah.com are different domains.

Posted: Sat Oct 09, 2004 11:26 am
by twigletmac
Maybe sessions or a couple of cookies containing serialised arrays would be a bit cleaner?

Mac

Posted: Sat Oct 09, 2004 11:36 am
by Weirdan
-60*-60*-24*-30 > 0, hence your initial code causes cookie to expire next month.

Posted: Sat Oct 09, 2004 11:50 am
by timvw
strtotime("-1 month");

Posted: Sat Oct 09, 2004 12:18 pm
by sakaveli
thanks wierdan,

i think you hit the nail on the head!! ive put that in and it seems to be working well...but the system does seem to pick and choose when its goin to logout and when it not..so i'll keep trying for next fes days and post back if it seems solved!

thanks to every1 who posted!
Sak