Having cookie issues (PHP)

software development

#1

Hey guys, sorry for asking so much!

I’m having issues with my logout system. It’s really strange… the logout page, which deletes the cookie with this:
setcookie(“account”, null, 1);
will destroy the cookie… usually. Here’s the catch - if it’s the first time the user has been to the site, it won’t log them out. They have to manually delete the cookie, THEN it will work normally.

What’s the deal here? Any suggestions would be great.


#2

Are you using IE? IIRC, IE does not always delete a cookie with a null session id. To force a cookie delete, set the time to a very long time ago (“1” should work…). The browser should delete this ancient expired cookie. Follow this with session_destroy(), so the session will also cease to exist on the server when the current php script ends.

Maybe something like:

setcookie("account", session_id(), 1); Regards,
Rudy


#3

Nope, still not working.

To log out, they simply go to logmeout.php, which contains this code (and only this):

<?php session_start(); setcookie("account", session_id(), 1); session_destroy(); header( 'Location: http://www.sbboard.com/auslander/home.php '); ?>

And it’s still not working in IE. Firefox does fine but that was never a problem.


#4

Digging in memory here… I am not an expert, though I am learning. Maybe deleting the cookie requires both an expired time, and a blank value (may be breaking because I put in the session id), so maybe try:

setcookie("account", '', 1);
This looks a lot like your first effort, though (except using null vs ‘’).

Regards,
Rudy


#5

Well… like I said, it’s kind of working.

Once the user has manually cleared cookies on that computer, it behaves normally. It’s not an issue with accounts, because I logged in with an existing account on a new computer and encountered the same problem.

Still no dice with your method. Another thing — I can’t even overwrite the cookie. It’s stuck as is.


#6

Not sure I am helping. I did look around a bit, as I will need to implement the same code at some point. I found this page, check out the 1st and last posts, then work upwards if it looks promising.

Regards,
Rudy


#7

I am using IE 7 and installed IEWatch to see whats going on under the hood.

  1. Close all IE windows
  2. Restart IE
  3. Login to the game - the cookie ‘account’ is set to my username.
  4. I’m redirected to journey.php
  5. Click the logout link - the cookie ‘account’ is set to ‘+’
  6. Type in journey.php in the Location

So guess what my IE 7 does when I visit the journey.php script the second time? It loads a copy from cache. Since it doesn’t fetch the URL from your site, your site doesn’t get a chance to respond with the ‘You must be logged in’ error message.

Now if I change my ‘Temporary Internet Files’ setting to check for new version of a page every time, it works as expected.

You might want to read How to prevent caching in Internet Explorer

:cool: openvein.org -//- One-time [color=#6600CC]$50.00 discount[/color] on [color=#0000CC]DreamHost[/color] plans: Use ATROPOS7


#8

Ahhhh thanks a ton! I’ll try that and see if it works, but I’m pretty sure it will. That’s really just a doh moment I guess, with rapidly changing pages and all.

The HTML output is determined by an if(isset… ) portion of PHP, so if it returned the output the first time then it’ll probably do the same if it’s cached.

I’ll let you guys know if that doesn’t work, but for now I’d say the issue is resolved.

Thanks a million!


#9

Alright, so I finally got around to testing this out, and it’s still not working.

I’ve done some work on the situation, and I’m convinced that it’s not an issue with the cache. The problem is that the cookie is simply not being deleted. I tried it out — logged in, tried logging out, and viewed my cookies. It was still there.

I then manually cleared my cookies. From that point on, I was able to seamlessly log in and log out as I pleased. THAT is the troubling part for me… that for the same user, without any changes to the page’s content, different things happen.

The logout script is as follows:

<?php setcookie("account", "", 1); header( 'Location: http://www.sbboard.com/auslander/home.php '); ?>