• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 287
  • Last Modified:

Cookies and Expiration Dates

Hi,
I am trying to change the cookies that we use on our company website. Currently the cookies that are set are set to expire one year after they are created in the users cookie folder. What I want to do is to change the expiration date to be in 24 hours, which I know how to do. The problem that I am having is how do I force the user to create a new cookie with the new expiration date when the cookie that they have on their system is not set to expire until 1 year. I could have all th users log off the website the next time they leave which deletes out the cookie, but it probably would not catch everyone. Is there some code that I could use to check and see if the expiration date is longer than a cetain amount of time and then create a new one if it is? I also thinking of using session cookies instead of cookies that expire. Any help would be greatly appreciated.
Thanks,
T Bryan
0
jahmekyat
Asked:
jahmekyat
  • 2
  • 2
1 Solution
 
sstoukCommented:
The simpliest solution: Change the cookie name within your code.
This will make sure that the new cookie will be created and used and the old one will just stay on the end-use PC in IE cache until the user cleans them out.
0
 
jahmekyatAuthor Commented:
Hi sstouk,
I beleive right now we just use the url address as the cookie name. If I look in my cookie folder I can find the name for our website and it is the URL address, is that the cookie name it is using? So, if I am looking for a cookie with the new name and it does not exist, it will make the user logon to create the new cookie? That sounds good and should work. What is the difference in setting a session cookie with one that expires in a matter of time instead of with the current session. Would it take a lot of time to change that and would there be advantages to being a session cookie. They main problem we are having with our site is that the cookies are set to expire in a year and the site uses cookies to view certain things. If we discontinue someones account, they can sometimes get back on the site because there cookie is not expired. and the code cheks to see if they are signed up or not and if the cookie is still there, it will let them view parts of the website we don't want them to see. So I was actually thinking of using a sesion cookie to make them logon to the site everytime they visit to help keep out people we don't want on the site. Any comments would be helpful.
Thanks for your help,
T Bryan
0
 
sstoukCommented:
The cookie name is actually specified within the script itself.
the portion of the script that handles HTML header generation.
if you can find it, you can slightly change the name.
For example in one of my scripts I have a cookie generation routine:

my($cookie_auth) = $cgi->cookie(-name=>"$main::Html{CookieName}",
                       -value=>$cvalue_auth,
                       -expires=>'+10d'
                       );

$cgi->cookie()  handles the specific cookie.
You can pass a parameter to set the name.
I think if there is no parameter, then the Http address is used as a name.
You can control it.

By controlling the cookie name you can allow same script to be installed several times on the same web server and cookies fore each instance will be handled separately. Or, in your case, you can change to a new cookie.

But generally if you force the cookie to be updated, then it will be updated on the client side.

                  print  $cgi->header(
                                  #-nph=>1,
                                  -type=>'text/html',
                                   -charset=>$main::Html{CookieAnswer}{charset},
                                   -cookie=>$cookie_auth,
                                  -expires=>'now',
                                   -title=>$title,
                                  );
If $cookie_auth is modified

my($cookie_auth) = $cgi->cookie(-name=>"$main::Html{CookieName}",
                       -value=>$cvalue_auth,
                       -expires=>'+1d'
                       );
And then the header printed to a remote client you do not even need to change the cookie name. it will be forced to every client that connects.


0
 
jahmekyatAuthor Commented:
Thanks  sstouk,
I didn't realize that it could be so simple, but this should work great. I will change the name of the cookie and when they are not recognized by the website, it will set the new one with the shorter expiration date.
Thanks,
T Bryan
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now