visionari
asked on
Strange problem with Cookies
Hello there,
I am developing a site in php and this is the first time in years I have this kind of problem, and can't figure it out...
The problem is that I create some cookies, erase them and when I refresh the page the cookies are still there.
Example:
Returns:
I have a page called logout.php, I execute it and at the bottom of this page I have
and returns no value, afterwards I leave that page (logout.php) and return to index.php that only has print_r($_COOKIE); exit(); and returns the cookies again!!
I use this function
Has anyone has any idea of what I can be happening?
Thank's in Advanced.
DAniel.
I am developing a site in php and this is the first time in years I have this kind of problem, and can't figure it out...
The problem is that I create some cookies, erase them and when I refresh the page the cookies are still there.
Example:
<?php
print_r($_COOKIE);
exit();
?>
Returns:
Array ( [fbs_149865948383849] => \"access_token=149865948383849|2.PfG _sklQhUD7d SKqe_lzIQ_ _.3600.129 0704400-69 8363010|c0 usGkjKPEsA SYTZqjF_Y- Rwxj8&base _domain=pr egunpedia. com&expire s=12907044 00&secret= nQ3fNvMekK 6D11hbT8XH 6Q__&sessi on_key=2.P fG_sklQhUD 7dSKqe_lzI Q__.3600.1 290704400- 698363010& sig=a440d0 3a60808e5e e02e14a941 a1eea6&uid =698363010 \" [conecta_fb] => iniciado_fb [PHPSESSID] => 015fa2b540ec4185cebd6cab2f 7da027 )
I have a page called logout.php, I execute it and at the bottom of this page I have
print_r($_COOKIES)
and returns no value, afterwards I leave that page (logout.php) and return to index.php that only has print_r($_COOKIE); exit(); and returns the cookies again!!
I use this function
function DeleteAllCookies(){
if (isset($_SERVER['HTTP_COOKIE']))
{
$cookies = explode(';', $_SERVER['HTTP_COOKIE']);
foreach($cookies as $cookie)
{
$parts = explode('=', $cookie);
$name = trim($parts[0]);
unset($_COOKIE[$name]);
}
}}
DeleteAllCookies();
unset($_SESSION['conecta_fb']);
unset($_SESSION['plataforma']);
print_r($_COOKIE);
echo "<hr>";
print_r($_SESSION);
header("location: ".$_SERVER['HTTP_REFERER']);
Has anyone has any idea of what I can be happening?
Thank's in Advanced.
DAniel.
This may happen if you have more than one copy of the browser running. All your browser instances share the same cookie jar.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Here is my teaching example of a Logout script. See if this makes sense to you. If not, please post back and I'll try to help.
best regards, ~Ray
best regards, ~Ray
<?php // RAY_logout_example.php
error_reporting(E_ALL);
// MAN PAGE HERE: http://us.php.net/manual/en/book.session.php
// ALWAYS START THE SESSION ON EVERY PAGE
session_start();
// SEE IF THE CLIENT IS ALREADY LOGGED OUT
if (empty($_SESSION["uid"]))
{
// CLIENT IS NOT LOGGED IN
echo "<br/>YOU ARE NOT LOGGED IN \n";
echo "<br/>CLICK HERE TO <a href=\"RAY_login_example.php\">LOG IN</a>\n";
die();
}
// SET THE EXPIRATION FOR COOKIES
define('COOKIE_LIFE', 60*60*24); // A 24-HOUR DAY IN SECONDS ( = 86,400 )
$cookie_expires = time() - date('Z') - COOKIE_LIFE;
// CLEAR THE INFORMATION FROM THE $_SESSION ARRAY
$_SESSION = array();
// IF THE SESSION IS KEPT IN COOKIE, FORCE SESSION COOKIE TO EXPIRE
if (isset($_COOKIE[session_name()]))
{
setcookie(session_name(), '', $cookie_expires, '/');
}
// TELL PHP TO ELIMINATE THE SESSION
session_destroy();
// OPTIONAL - CLEAR ALL COOKIES
// foreach ($_COOKIE as $key => $value)
// {
// setcookie($key, '', $cookie_expires, '/');
// }
// OPTIONAL - REDIRECT TO THE HOME PAGE
// header("Location: /");
// exit;
// GIVE THE CLIENT A LINK TO THE LOGIN
echo "<br/>YOU ARE LOGGED OUT\n";
echo "<br/>CLICK HERE TO <a href=\"RAY_login_example.php\">LOG IN</a>\n";
ASKER
Thank's, but didn't work, this is very strange... I must be doing something wrong... I am using the facebook connect (as I am using fb connect and some extra cookies, I would need to kill all cookies), should have any problems as they are all in the same domain, put it fails for some reason...
Thank's all :)
Thank's all :)
What did you see when you ran this command:
var_dump($_COOKIE);
var_dump($_COOKIE);
ASKER
I see this:
array(3) { ["PHPSESSID"]=> string(32) "4f3995a7cc46b0d2bc7c9cdc2 8832af1" ["fbs_149865948383849"]=> string(308) "\"access_token=1498659483 83849|2.nM eKITzS_oQI I4iZDtgXzA __.3600.12 90733200-6 98363010|o 7M1EoDsoJ0 h04nN2baOI fiSy8k&bas e_domain=d aniel.com& expires=12 90733200&s ecret=nzlV tYkyI6jCK7 s_cHoktQ__ &session_k ey=2.nMeXM TzS_oQII4i ZDtgXzA__. 3600.12907 33200-6983 63010&sig= 81d6e6fd25 28064597f1 c518bc508d 62&uid=698 363010\"" ["conecta_fb"]=> string(11) "iniciado_fb" }
array(3) { ["PHPSESSID"]=> string(32) "4f3995a7cc46b0d2bc7c9cdc2
You may find that easier to read if you echo "<pre>"; before the output. And did you make sure that you have only ONE instance of the browser running? Then if you run a script to delete the cookies, they will be gone.
You can use Firefox to see your cookies. On my implementation, it's something like Tools => Options => Privacy => remove individual cookies.
You can use Firefox to see your cookies. On my implementation, it's something like Tools => Options => Privacy => remove individual cookies.
unset($_COOKIE[$name]); won't help. What you are doing is removing the variable from the server side. Cookies are stored in browser so even if you delete it from the server side on next request the browser will send all those and will be re-created. so you have to ask the browser to remove the cookie from its side.
Removing cookie is bit strange. you have to set the cookie you want to remove with exactly all the parameters used to set as you set it but with a pre date to remove it. This triggers the removal mechanism in your browser. Now if you do a redirect the any decent browser is supposed to clear the cookie.
Removing cookie is bit strange. you have to set the cookie you want to remove with exactly all the parameters used to set as you set it but with a pre date to remove it. This triggers the removal mechanism in your browser. Now if you do a redirect the any decent browser is supposed to clear the cookie.
@bansidhar: Exactly what I was trying to get across with the code example at ID:34213132. I do not think all the parameters have to be the same when you remove a cookie. The name has to be the same, and the expiration has to be in the past, but the other parameters do not seem to matter.
other parameters also need to be the same (learned the hard way ;) ) you can have blank string for the value, but path, domain, secure and httponly parameters have to be the same
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
couldn't solve problem...
OK, Here are the results of my tests with cookies. You can set a cookie with an identical name to an existing cookie if the paths are different. However the browser will only return the cookies that are appropriate for your current path. It looks like PHPwill find the most precise cookie, so if you have cookies for '/' and for '/xyz' and you are running in the '/xyz' path, you will see the cookie set for '/xyz' in the $_COOKIE array and will not see the cookie for '/' However if you are running outside of the '/xyz' path you will see the cookie for '/' -- this makes sense.
So if you've gotten cookies set by a specific directory path, you will need to be running a script that is in that directory path to see the cookies, and to unset them.
So if you've gotten cookies set by a specific directory path, you will need to be running a script that is in that directory path to see the cookies, and to unset them.