Cookie Expiry In PHP

Hi Experts,

I am having trouble setting the cookie expiry in PHP.

I have tried
        $lifetime = (60 * $env['timeout_minutes']); //in seconds
        setcookie('CRM', '', $lifetime, '/', $env['domain'], TRUE, FALSE);

Open in new window


and

        $lifetime = time() - (60 * $env['timeout_minutes']); //in seconds
session_set_cookie_params($lifetime, '/', $env['domain'], TRUE, FALSE);

Open in new window


$env['timeout_minutes'] is set to 60 elsewhere.
APD TorontoSoftware DeveloperAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dave BaldwinFixer of ProblemsCommented:
Cookie expiration is done by setting the time to 0 or negative.  Note that expiration is actually done by the browser after it receives the cookie from the server.

http://php.net/manual/en/function.setcookie.php

Session time-outs are determined on a shared server by the lowest timeout value which is by default 1440 seconds.  It is not generally recommend that you try to change the session timeout values because they are shared by everyone on the server.

http://php.net/manual/en/function.session-set-cookie-params.php
0
Dave BaldwinFixer of ProblemsCommented:
Note that when you expire a cookie, you need to use Exactly the same parameters that were used to set it except for the 'value' and 'time-out'.  Everything else must be Exactly the same or it will not match what the browser data is for that cookie.
0
Julian HansenCommented:
Is the question about how to mark a cookie as expired or how to set the time at which the cookie will expire?

If you echo $lifetime out what do you get?

Also you have secure set to TRUE (Second last parameter) which means that cookie will only be sent over an HTTPS link - are you accessing your site with HTTPS or HTTP  - if the latter - not going to work.
0
Rowby Goren Makes an Impact on Screen and Online

Learn about longtime user Rowby Goren and his great contributions to the site. We explore his method for posing questions that are likely to yield a solution, and take a look at how his career transformed from a Hollywood writer to a website entrepreneur.

APD TorontoSoftware DeveloperAuthor Commented:
I changed my code slightly to

<?php

//This is the model file for the current module.

    $cookie = array();
    $cookie['name'] = 'CRM';
    $cookie['value'] = '';
    $cookie['timeout_minutes'] = $env['timeout_minutes'];
    $cookie['path'] = '/';
    $cookie['domain'] = $env['domain'];

    $cookie['secure'] = FALSE;
    if ($env['force_ssl']){ $cookie['secure'] = TRUE;  }

    $cookie['httponly'] = TRUE;

class Login{
    
    public static function verify_login(){
        
        global $cookie;
    
//        self::logout(); //destroy previous sessions.
        
        $lifetime = time() + (60 * $cookie['timeout_minutes']); //in seconds
        setcookie($cookie['name'], $cookie['value'], $lifetime, $cookie['path'], 
                  $cookie['domain'], $cookie['secure'], $cookie['httponly']);

        print_variable($cookie, 'cookie');
        die();

Open in new window


The output for line 29 is
=========START=========
cookie
Array
(
    [name] => CRM
    [value] => 
    [timeout_minutes] => 60
    [path] => /
    [domain] => 192.168.2.200
    [secure] => 
    [httponly] => 1
)

=========END=========

Open in new window


However, Chrome is showing

Cookie-Chrome.JPG
As you can see it is not accepting the cookie name and expiry.
0
Julian HansenCommented:
Why are we looking at a screen shot of the PHP Session ID cookie?
0
Dave BaldwinFixer of ProblemsCommented:
I wrote a test program and put it on one of my domains at http://davidibaldwin.org/CookieExp.php .  The first problem is that apparently you can't set a cookie without a value and you don't have one in your example code.  This is my test program.  You have to run it twice to see the cookies that it sets.  Which is normal.
<?php

$cookie = array();
$cookie['name'] = 'CRM';
$cookie['value'] = 'xx';
$cookie['timeout_minutes'] = "10";
$cookie['path'] = '/';
$cookie['domain'] = ".davidibaldwin.org";

$cookie['secure'] = FALSE;
//if ($env['force_ssl']){ $cookie['secure'] = TRUE;  }

$cookie['httponly'] = FALSE;
       
$lifetime = time() + (60 * $cookie['timeout_minutes']); //in seconds
setcookie($cookie['name'], $cookie['value'], $lifetime, $cookie['path'],$cookie['domain'], $cookie['secure'],$cookie['httponly']);

setcookie("TestCookie", 'check', time()+3600, "/", ".davidibaldwin.org");

//print_variable($cookie, 'cookie');
echo "<pre>\r\n";
print_r($cookie);

$cukarr = array();
foreach($_COOKIE as $key => $value) {
		$cukarr[] = $key;
    echo "<b>$key :</b> $value<br />\r\n";
}
echo "</pre>";

die();

Open in new window

1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
APD TorontoSoftware DeveloperAuthor Commented:
Why are we looking at a screen shot of the PHP Session ID cookie?

...Because, that is the only cookie under 192.168.2.200
0
APD TorontoSoftware DeveloperAuthor Commented:
With setting the value, I now see my CRM cookie as well, but why PHPSESSID is still being created?
0
Dave BaldwinFixer of ProblemsCommented:
PHPSESSID is created with session_start() on some page and only gets deleted when you close your browser completely meaning all open windows and the program itself.
0
APD TorontoSoftware DeveloperAuthor Commented:
Thank you!
1
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.