Cookies and Expiration Dates

Posted on 2004-09-27
Last Modified: 2010-03-05
I am trying to change the cookies that we use on our company website. Currently the cookies that are set are set to expire one year after they are created in the users cookie folder. What I want to do is to change the expiration date to be in 24 hours, which I know how to do. The problem that I am having is how do I force the user to create a new cookie with the new expiration date when the cookie that they have on their system is not set to expire until 1 year. I could have all th users log off the website the next time they leave which deletes out the cookie, but it probably would not catch everyone. Is there some code that I could use to check and see if the expiration date is longer than a cetain amount of time and then create a new one if it is? I also thinking of using session cookies instead of cookies that expire. Any help would be greatly appreciated.
T Bryan
Question by:jahmekyat
  • 2
  • 2

Expert Comment

ID: 12165123
The simpliest solution: Change the cookie name within your code.
This will make sure that the new cookie will be created and used and the old one will just stay on the end-use PC in IE cache until the user cleans them out.

Author Comment

ID: 12165280
Hi sstouk,
I beleive right now we just use the url address as the cookie name. If I look in my cookie folder I can find the name for our website and it is the URL address, is that the cookie name it is using? So, if I am looking for a cookie with the new name and it does not exist, it will make the user logon to create the new cookie? That sounds good and should work. What is the difference in setting a session cookie with one that expires in a matter of time instead of with the current session. Would it take a lot of time to change that and would there be advantages to being a session cookie. They main problem we are having with our site is that the cookies are set to expire in a year and the site uses cookies to view certain things. If we discontinue someones account, they can sometimes get back on the site because there cookie is not expired. and the code cheks to see if they are signed up or not and if the cookie is still there, it will let them view parts of the website we don't want them to see. So I was actually thinking of using a sesion cookie to make them logon to the site everytime they visit to help keep out people we don't want on the site. Any comments would be helpful.
Thanks for your help,
T Bryan

Accepted Solution

sstouk earned 250 total points
ID: 12165518
The cookie name is actually specified within the script itself.
the portion of the script that handles HTML header generation.
if you can find it, you can slightly change the name.
For example in one of my scripts I have a cookie generation routine:

my($cookie_auth) = $cgi->cookie(-name=>"$main::Html{CookieName}",

$cgi->cookie()  handles the specific cookie.
You can pass a parameter to set the name.
I think if there is no parameter, then the Http address is used as a name.
You can control it.

By controlling the cookie name you can allow same script to be installed several times on the same web server and cookies fore each instance will be handled separately. Or, in your case, you can change to a new cookie.

But generally if you force the cookie to be updated, then it will be updated on the client side.

                  print  $cgi->header(
If $cookie_auth is modified

my($cookie_auth) = $cgi->cookie(-name=>"$main::Html{CookieName}",
And then the header printed to a remote client you do not even need to change the cookie name. it will be forced to every client that connects.


Author Comment

ID: 12169730
Thanks  sstouk,
I didn't realize that it could be so simple, but this should work great. I will change the name of the cookie and when they are not recognized by the website, it will set the new one with the shorter expiration date.
T Bryan

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
hard perl script 16 158
compress files in RAR using perl 13 86
perl CPAN issue 3 117
html form to write data to csv 24 137
I have been pestered over the years to produce and distribute regular data extracts, and often the request have explicitly requested the data be emailed as an Excel attachement; specifically Excel, as it appears: CSV files confuse (no Red or Green h…
In the distant past (last year) I hacked together a little toy that would allow a couple of Manager types to query, preview, and extract data from a number of MongoDB instances, to their tool of choice: Excel (…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question