Question

Why does setcookie function not work?

Asked by: shadow_shooter

Hello,

I am trying to edit a PHP script and now it started to feel tired. What I'm trying to do is setting a cookie but it was not possible because of a headers already sent error. Then, I added "obstart()" at the beginning of the page to solve the problem. It worked flawless but the problem is now I cannot delete these cookies by setting them to a prior date when users log out.

It looks like PHP totally ignores the setcookie() function. The same thing happened while creating them but was solved after adding obstart() at the start. Same trick doesn't work in my logout.php

Any ideas?

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2009-03-14 at 04:57:17ID24230145
Tags

cookie

,

php

Topic

PHP Scripting Language

Participating Experts
3
Points
500
Comments
19

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

    Free Tech Articles

    1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
      It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
    2. SCCM OSD Basic troubleshooting
      SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
    3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
      This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
    4. Create a Win7 Gadget
      This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
    5. Outlook continually prompting for username and password
      There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
    6. Backup Exchange 2010 Information Store using Windows Backup
      There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

    Cloud Class Webinars

    1. Avoiding Bugs in Microsoft Access
      Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
    2. Top 10 Best New Features in Visio 2010
      Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
    3. IT Consultant Business Secrets Revealed
      Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
    4. Disaster Recovery and Business Continuity
      Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
    5. Organize Your Visio Diagrams with Containers and Lists
      Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
    6. How to Us Objects, Properties, Events and Methods in Microsoft Access
      Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

    Join the Community

    Give a Little. Get a Lot.

    Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

    Join the Community

    Answers

     

    by: phpmonkeyPosted on 2009-03-14 at 05:02:14ID: 23886382

    After your headers have been sent you need to reload the page to be able to use set_cookie again since it all happens in the headers.
    A possible solution is to inject your page with javascript that handles everything when the page load complete's.
    Though i have found this though when using output buffering.

     

    by: shadow_shooterPosted on 2009-03-14 at 05:08:52ID: 23886395

    Sorry, I'm not sure if I understood you. How come can ob_start() work for one page but not for another page?

     

    by: phpmonkeyPosted on 2009-03-14 at 05:16:50ID: 23886420

    Oh you are not using ob_clear/flush in a loop somewhere?
    In that case you shouldn't need ob_start()
    The error usually means that you allready sent something to the browser forcing headers to be sent (as they are the first thing to go to a browser, and thats what php uses to set cookies).

    Put it all the way on top of your script before anything else (even html, css and whatever).
    Then it should be working.

     

    by: phpmonkeyPosted on 2009-03-14 at 05:18:14ID: 23886425

     

    by: drakeshePosted on 2009-03-14 at 05:55:34ID: 23886552

    Pretty much, you cant have any HTML or echo's before the setcookie()

     

    by: shadow_shooterPosted on 2009-03-14 at 06:00:49ID: 23886578

    This is really what I do but hopelessly even setting them as a first thing on my page, it doesn't work.

    I don't use flush or clear functions because simply ob_start() always worked for other related problems (but not this time though). The problem is I am using frames and what I'm editing is only a part of three separate pages. So, there is no way I can prevent others outputting (at least I don't know how to do so)

    Isn't there a reason ob_start() works for one page but not for another page?

     

    by: drakeshePosted on 2009-03-14 at 06:02:09ID: 23886582

    Is this PHP file being included/required? or is it running on it's own page?

     

    by: shadow_shooterPosted on 2009-03-14 at 06:15:12ID: 23886619

    It works on its own. The user is redirected to this page when s/he clicks "sign out".

    Let me attach the code snippet

    <?php
ob_start();
include "inc/baglan.php";
if ($verified_kat == "admin") {
$gnick = "&$verified_user";
$sorgu = "DELETE FROM online WHERE nick = '$gnick' LIMIT 1";
mysql_query($sorgu);
}
else if ($verified_kat == "mod") {
$gnick = "+$verified_user";
$sorgu = "DELETE FROM online WHERE nick = '$gnick' LIMIT 1";
mysql_query($sorgu);
}
else {
$sorgu = "DELETE FROM online WHERE nick = '$verified_user' LIMIT 1";
mysql_query($sorgu);
}  
setcookie('user_name','', (time()-192000), '/', '.kayiprihtim.org', 0);
setcookie('sec_user','', (time()-192000), '/', '.kayiprihtim.org', 0);
     
?>
<SCRIPT src="images/top.js" type=text/javascript></SCRIPT>
<SCRIPT language=javascript src=\"images/sozluk.js\"></SCRIPT>
<META content="bar ortamlari" name=keywords>
<META content="bar ortamlari" name=description><LINK href="favicon.ico"
rel="shortcut Icon"><LINK href="favicon.ico" rel=icon><LINK
href="images/sozluk.css" type=text/css rel=stylesheet>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-9">
<SCRIPT language=javascript src="images/sozluk.js"></SCRIPT>
 
<center>Bizi tercih ettiiniz için te_ekkürler..<br>
                                              
    1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:

    Select allOpen in new window

     

    by: shadow_shooterPosted on 2009-03-14 at 06:26:11ID: 23886655

    By the way, $verified_user is a session variable that is defined by session_register function.

     

    by: drakeshePosted on 2009-03-14 at 06:28:00ID: 23886665

    setting sessions I think can interfere with setting cookies.

     

    by: shadow_shooterPosted on 2009-03-14 at 06:30:42ID: 23886684

    Well, even putting the part of session variables out of my code doesn't help either. This is what I thought first too...

     

    by: drakeshePosted on 2009-03-14 at 06:33:05ID: 23886706

    Prety much if you set a session it sets the header and you cant set a cookie after thats done.

     

    by: shadow_shooterPosted on 2009-03-14 at 06:42:36ID: 23886789

    But there are examples of websites using both even on my another website, i both use session variables and cookies? Is there a source verifying this?

     

    by: Ray_PaseurPosted on 2009-03-14 at 09:44:44ID: 23887615

    You can use sessions and cookies together.  You just have to do things in the right order.

    Do session_start() first.
    Do ob_start() next.
    Read $_COOKIE and process anything associated with the existing cookies.

    If you want to "delete" a cookie, you simply use setcookie() with the cookie name, a useless value, and a date/time in the past.  This is commonly done in a logout script.  I will post one for you in a moment

    Learning about cookies is not easy - they are not intuitive.  That is because the cookies are NOT AVAILABLE to the script that sets them - only to subsequent scripts.  Perhaps you have noticed that login scripts set cookies, then redirect the browser to a new page?  The cookie is available on that new page.

    Here is a script that teaches about how to set cookies and how to understand them.  Print the code, install it on your server and run it, reading the code as you watch the script output.  It should help clarify things for you.

    <?php // RAY_cookie_example.php
 
// RECEIVE FORM INPUT AND SET A COOKIE WITH THE NAME AND VALUES FROM THE FORM
// MAN PAGE: http://us.php.net/manual/en/function.setcookie.php
// TO SEE COOKIES IN FIREFOX, FOLLOW TOOLS => OPTIONS => PRIVACY => SHOW COOKIES
 
define('COOKIE_LIFE', 60*60*24); // A 24-HOUR DAY IN SECONDS ( = 86,400 )
 
if (!empty($_POST)) // IF THE FORM HAS BEEN POSTED
{
 
// TIDY UP THE POST INPUT
   $name = substr(clean_string($_POST["name"]),0,16);
   $data = substr(clean_string($_POST["data"]),0,16);
 
// BE SURE WE HAVE USEFUL INFORMATION
   if ( ($name == '') || ($data == '') ) die("MISSING INPUT: PLEASE <a href=\"$PHP_SELF\">TRY AGAIN</a>");
 
// CONSTRUCT THE COOKIE
// USE THIS TO MAKE COOKIE EXPIRE AT END OF SESSION
   $cookie_expires	= 0;
 
// USE THIS TO MAKE A PERSISTENT COOKIE - DEFINE COOKIE_LIFE IN SECONDS - date('Z') IS UTC OFFSET IN SECONDS
   $cookie_expires	= time() + date('Z') + COOKIE_LIFE;
 
// CHOOSE THE COOKIE NAME AND VALUE
   $cookie_name 	= $name;
   $cookie_value	= $data;
 
// MAKE THE COOKIE AVAILABLE TO ALL DIRECTORY PATHS IN THE WWW ROOT
   $cookie_path	= '/';
 
// MAKE THE COOKIE AVAILABLE TO ALL SUBDOMAINS - DOMAIN SETTING STARTS WITH DOT - NO WWW, ETC.
   $cookie_domain	= ereg_replace('^www', '', strtolower($_SERVER["HTTP_HOST"]));
 
// MAKE THE COOKIE AVAILABLE TO HTTP, NOT JUST HTTPS
   $cookie_secure	= FALSE;
 
// HIDE COOKIE FROM JAVASCRIPT
   $cookie_http	= TRUE;
 
// SET THE COOKIE
   if (setcookie($cookie_name, $cookie_value, $cookie_expires, $cookie_path, $cookie_domain, $cookie_secure, $cookie_http))
   {
      echo "<br/>SUCCESS!  THE COOKIE HAS BEEN SET AND WILL BE AVAILABLE TO THE NEXT PAGE LOAD \n";
   } else {
      echo "<br/>FAILURE!  THE COOKIE WAS NOT SET AS EXPECTED \n";
   }
 
// AT THIS POINT, THE COOKIE HAS BEEN SET, BUT IT IS _NOT_ AVAILABLE TO THIS SCRIPT.  IT WILL BE AVAILABLE TO THE NEXT SCRIPT!
   echo '<pre>$_COOKIE CONTAINS '; var_dump($_COOKIE); echo "</pre>\n";
   echo '<pre>$_POST CONTAINS ';   var_dump($_POST);   echo "</pre>\n";
   echo "<br/>THE COOKIE HAS BEEN SET WITH THESE VALUES: \n";
   echo "<br/>COOKIE NAME: $cookie_name \n";
   echo "<br/>COOKIE VALUE: $cookie_value \n";
   echo "<br/>COOKIE EXPIRES: $cookie_expires ";
   echo " == " . date('r') . "\n";
   echo "<br/>COOKIE PATH: $cookie_path \n";
   echo "<br/>COOKIE DOMAIN: $cookie_domain \n";
   echo "<br/>COOKIE SECURE: "; var_dump($cookie_secure); echo " \n";
   echo "<br/>COOKIE HTTP: ";   var_dump($cookie_http);   echo " \n";
 
   echo "<br/>";
   echo "<br/>TO SEE THE COOKIES, IF ANY, <a href=\"$PHP_SELF\">CLICK HERE</a> \n";
   echo "<br/>";
}
 
// END OF SETTING THE COOKIE
?>
 
 
<form method="post">
COOKIE NAME: <input name="name" /><br/>
COOKIE DATA: <input name="data" /><br/>
<input type="submit" />
</form>
 
 
<?php
// SHOW THE COOKIE ARRAY, IF ANY
echo '<pre>$_COOKIE CONTAINS '; var_dump($_COOKIE); echo "</pre>\n";
 
 
// A FUNCTION TO FORCE A STRING TO CHARACTERS ONLY
function clean_string($string)
{
   return trim(ereg_replace('[^a-zA-Z0-9_]', '', $string));
}
?>

                                              
    1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:

    Select allOpen in new window

     

    by: Ray_PaseurPosted on 2009-03-14 at 09:48:14ID: 23887620

    Here is a sample "logout" script.

    <?php // RAY_logout.php
 
// CLEAR THE INFORMATION FROM THE SESSION
$_SESSION = array();
 
// IF THE SESSION IS KEPT IN A COOKIE, FORCE IT TO EXPIRE
if (isset($_COOKIE[session_name()]))
{
   setcookie(session_name(), '', time()-42000, '/');
}
 
// TELL PHP TO ELIMINATE THE SESSION
session_destroy();
 
// REDIRECT TO THE HOME PAGE
header("Location: /");
exit;
 
?>

                                              
    1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:

    Select allOpen in new window

     

    by: Ray_PaseurPosted on 2009-03-14 at 09:56:56ID: 23887642

    Here is another sample logout script that teaches how to eliminate all the cookies.

    Please post back here if you have any questions, ~Ray

    <?php // RAY_logout.php
error_reporting(E_ALL);
 
 
define('COOKIE_LIFE', 60*60*24); // A 24-HOUR DAY IN SECONDS ( = 86,400 )
$cookie_expires	= time() - date('Z') - COOKIE_LIFE;
 
 
// CLEAR THE INFORMATION FROM THE $_SESSION ARRAY
$_SESSION = array();
 
// IF THE SESSION IS KEPT IN COOKIE, FORCE SESSION COOKIE TO EXPIRE
if (isset($_COOKIE[session_name()]))
{
   setcookie(session_name(), '', $cookie_expires, '/');
}
 
// TELL PHP TO ELIMINATE THE SESSION
session_destroy();
 
 
 
 
 
 
// CLEAR ALL COOKIES WITH THIS CODE
foreach ($_COOKIE as $key => $value)
{
   setcookie($key, '', $cookie_expires, '/');
}
 
 
 
 
 
// REDIRECT TO THE HOME PAGE
header("Location: /");
exit;
 
?>

                                              
    1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:

    Select allOpen in new window

     

    by: shadow_shooterPosted on 2009-03-15 at 00:23:08ID: 23890103

    Ray Paseur, It worked like a miracle. Thanks for the efforts.

     

    by: shadow_shooterPosted on 2009-03-15 at 00:25:15ID: 31558065

    Thank you.

     

    by: Ray_PaseurPosted on 2009-03-15 at 06:47:02ID: 23891322

    Thanks for the points!  It's a great question and one that confuses a lot of developers.  Best regards, ~Ray

    20120131-EE-VQP-002

    3 Ways to Join

    30-Day Free Trial

    The Experts

    98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

    He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

    The Experts

    97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

    The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

    Testimonials

    "...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

    Testimonials

    "I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

    Testimonials

    "WOW! You guys have great, active, and knowledgeable people on here." moore50

    Business Clients

    Business Clients

    In the Press

    "If you’ve got a question... Experts Exchange can supply an answer.”

    In the Press

    "...an invaluable aid for both IT professionals and those who require tech support."

    In the Press

    "where IT professionals provide quick answers on just about any topic"

    Business Account Plans

    Loading Advertisement...