p2p.wrox.com Forums

Need to download code?

View our list of code downloads.


  Return to Index  

beginning_php thread: how do I destroy a cookie?


Message #1 by spam@k... on Mon, 24 Feb 2003 09:33:39 -0600
Sorry, maybe my question sounded complicated. It's simple. How do you destroy a cookie? On www.php.net
they suggest creating a new cookie with the same name as the old cookie, but with a negative time factor. That doesn't seem to be
working for me. Even this very simple line doesn't seem to overwrite the old value:

setcookie ("jess", $jess);

What would you do? How do you, any of you reading this, destroy cookies? 




















------------------------------------------------
On Sat, 22 Feb 2003 14:54:07 -0600, spam@k... wrote:



Maybe I'm making the simple complicated. 

How do people log out? I'm asking all of you, assuming you've all written logout functions. Right now I'm doing this:

if ($logged == "logout") {
$jess = "logout";
setcookie ("jess", $jess);
header ("Location: http://www.krubner.com/");
}

It's not working. It's supposed to overwrite the cookie called Jess, but it isn't working. Even after I click on the link which
attaches logged=logout to the end of the url, I can still go back to the page without having to log in. Why?

I know $logged does in fact equal "logout"  because the header() function works. But I can still get back to that page, so $jess
clearly doesn't equal "logout" .

This is how I handle the login:


if ($jess != "xxx") {

setcookie ("jess", "");

   echo "<form method=\"post\" action=\"index.php?articleId=42\">

    Please type your password:<br>

    <input type='text' name='jess'><br>

    <input type='submit' name='submit' value='submit'>

     </form></body></html>";

   exit();

} 

if ($jess == "xxx") {

setcookie ("jess", $jess);

[lots more stuff]
}














------------------------------------------------
On Fri, 21 Feb 2003 13:58:12 -0600, spam@k... wrote:

> 
> > > I'm sure I'm overlooking the most obvious thing in the world, but why is 
> > > it that, on this page http://www.krubner.com/index.htm?articleId=42, when 
> > > I hit submit , the variable $jess never shows up? 
> > 
> > Are you still running PHP with register_globals = off?
> > 
> > What exactly (in english, not php) are you trying to do with this code?
> 
> register_globals is on. The code is simply supposed to keep people from seeing a page unless they've typed in the right
password ($jess). All the print_r() stuff is just there for debugging. After a few hours tinkering I realized the problem was with
retrieving this code from a database and then hitting it with eval(). That works for echo statements and some variables, but for
whatever reason it didn't work for $jess. 
> 
> So then I took the code out of the database and got around the whole issue with eval. I hard coded the code into the main page,
which has code for rendering the template. Clunky, but whatever, I was tight on time this morning. 
> 
> Then I ran into what seems like an even more obvious problem. The variable $jess was now, finally, visible, it showed up as
part of the global variables, but now I couldn't destroy it. Still working on that one. Trying to do some kind of logout thing but
can't overwrite the cookie $jess. Don't know why. 
> 
> 
> 

Message #2 by "Chris Koncewicz" <koncewicz@b...> on Mon, 24 Feb 2003 15:51:50 -0000
I use a line like 

Setcookie ("jess", $jess, time()-3600);

And then the browser should automatically clear the cookie for you. Do
you know how long the cookie is persisting? I had problems in the past
where I set a cookie and tried to read it in the same script. The value
couldn't be read until I loaded a new page (or reloaded the current
one). Are you having a similar problem here?

CK

-----Original Message-----
From: spam@k... [mailto:spam@k...] 
Sent: 24 February 2003 15:34
To: beginning php
Subject: [beginning_php] how do I destroy a cookie?

Sorry, maybe my question sounded complicated. It's simple. How do you
destroy a cookie? On www.php.net they suggest creating a new cookie with
the same name as the old cookie, but with a negative time factor. That
doesn't seem to be working for me. Even this very simple line doesn't
seem to overwrite the old value:

setcookie ("jess", $jess);

What would you do? How do you, any of you reading this, destroy cookies?





















------------------------------------------------
On Sat, 22 Feb 2003 14:54:07 -0600, spam@k... wrote:



Maybe I'm making the simple complicated. 

How do people log out? I'm asking all of you, assuming you've all
written logout functions. Right now I'm doing this:

if ($logged == "logout") {
$jess = "logout";
setcookie ("jess", $jess);
header ("Location: http://www.krubner.com/");
}

It's not working. It's supposed to overwrite the cookie called Jess, but
it isn't working. Even after I click on the link which attaches
logged=logout to the end of the url, I can still go back to the page
without having to log in. Why?

I know $logged does in fact equal "logout"  because the header()
function works. But I can still get back to that page, so $jess clearly
doesn't equal "logout" .

This is how I handle the login:


if ($jess != "xxx") {

setcookie ("jess", "");

   echo "<form method=\"post\" action=\"index.php?articleId=42\">

    Please type your password:<br>

    <input type='text' name='jess'><br>

    <input type='submit' name='submit' value='submit'>

     </form></body></html>";

   exit();

} 

if ($jess == "xxx") {

setcookie ("jess", $jess);

[lots more stuff]
}














------------------------------------------------
On Fri, 21 Feb 2003 13:58:12 -0600, spam@k... wrote:

> 
> > > I'm sure I'm overlooking the most obvious thing in the world, but
why is 
> > > it that, on this page
http://www.krubner.com/index.htm?articleId=42, when 
> > > I hit submit , the variable $jess never shows up? 
> > 
> > Are you still running PHP with register_globals = off?
> > 
> > What exactly (in english, not php) are you trying to do with this
code?
> 
> register_globals is on. The code is simply supposed to keep people
from seeing a page unless they've typed in the right password ($jess).
All the print_r() stuff is just there for debugging. After a few hours
tinkering I realized the problem was with retrieving this code from a
database and then hitting it with eval(). That works for echo statements
and some variables, but for whatever reason it didn't work for $jess. 
> 
> So then I took the code out of the database and got around the whole
issue with eval. I hard coded the code into the main page, which has
code for rendering the template. Clunky, but whatever, I was tight on
time this morning. 
> 
> Then I ran into what seems like an even more obvious problem. The
variable $jess was now, finally, visible, it showed up as part of the
global variables, but now I couldn't destroy it. Still working on that
one. Trying to do some kind of logout thing but can't overwrite the
cookie $jess. Don't know why. 
> 
> 
> 




Message #3 by spam@k... on Mon, 24 Feb 2003 10:02:00 -0600
That is exactly the problem I'm having. On the page there is a logout link, that appends "logged=logout"
to the end of the url. This then gets picked up by this part of the script:


> if ($logged == "logout") {
> $jess = "logout";
> setcookie ("jess", $jess);
> header ("Location: http://www.krubner.com/");
> }

I know this is working because the header() function kicks in and people get redirected to the front page. But I can still get back
to the page I've supposedly log out of. That shouldn't happen. I should only be able to get into that page when $jess equals a
certain password. This yet I seem to be getting in any way. This is the logon portion of the script: 



> if ($jess != "xxx") {
> setcookie ("jess", "");
>    echo "<form method=\"post\" action=\"index.php?articleId=42\">
>     Please type your password:<br>
>     <input type='text' name='jess'><br>
>     <input type='submit' name='submit' value='submit'>
>      </form></body></html>";
>    exit();
> } 
> if ($jess == "xxx") {
> setcookie ("jess", $jess);
> [lots more stuff]
> }



















------------------------------------------------
On Mon, 24 Feb 2003 15:51:50 -0000, "Chris Koncewicz" <koncewicz@b...> wrote:

> I use a line like 
> 
> Setcookie ("jess", $jess, time()-3600);
> 
> And then the browser should automatically clear the cookie for you. Do
> you know how long the cookie is persisting? I had problems in the past
> where I set a cookie and tried to read it in the same script. The value
> couldn't be read until I loaded a new page (or reloaded the current
> one). Are you having a similar problem here?
> 
> CK
> 
> -----Original Message-----
> From: spam@k... [mailto:spam@k...] 
> Sent: 24 February 2003 15:34
> To: beginning php
> Subject: [beginning_php] how do I destroy a cookie?
> 
> Sorry, maybe my question sounded complicated. It's simple. How do you
> destroy a cookie? On www.php.net they suggest creating a new cookie with
> the same name as the old cookie, but with a negative time factor. That
> doesn't seem to be working for me. Even this very simple line doesn't
> seem to overwrite the old value:
> 
> setcookie ("jess", $jess);
> 
> What would you do? How do you, any of you reading this, destroy cookies?
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> ------------------------------------------------
> On Sat, 22 Feb 2003 14:54:07 -0600, spam@k... wrote:
> 
> 
> 
> Maybe I'm making the simple complicated. 
> 
> How do people log out? I'm asking all of you, assuming you've all
> written logout functions. Right now I'm doing this:
> 
> if ($logged == "logout") {
> $jess = "logout";
> setcookie ("jess", $jess);
> header ("Location: http://www.krubner.com/");
> }
> 
> It's not working. It's supposed to overwrite the cookie called Jess, but
> it isn't working. Even after I click on the link which attaches
> logged=logout to the end of the url, I can still go back to the page
> without having to log in. Why?
> 
> I know $logged does in fact equal "logout"  because the header()
> function works. But I can still get back to that page, so $jess clearly
> doesn't equal "logout" .
> 
> This is how I handle the login:
> 
> 
> if ($jess != "xxx") {
> setcookie ("jess", "");
>    echo "<form method=\"post\" action=\"index.php?articleId=42\">
>     Please type your password:<br>
>     <input type='text' name='jess'><br>
>     <input type='submit' name='submit' value='submit'>
>      </form></body></html>";
>    exit();
> } 
> if ($jess == "xxx") {
> setcookie ("jess", $jess);
> [lots more stuff]
> }
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> ------------------------------------------------
> On Fri, 21 Feb 2003 13:58:12 -0600, spam@k... wrote:
> 
> > 
> > > > I'm sure I'm overlooking the most obvious thing in the world, but
> why is 
> > > > it that, on this page
> http://www.krubner.com/index.htm?articleId=42, when 
> > > > I hit submit , the variable $jess never shows up? 
> > > 
> > > Are you still running PHP with register_globals = off?
> > > 
> > > What exactly (in english, not php) are you trying to do with this
> code?
> > 
> > register_globals is on. The code is simply supposed to keep people
> from seeing a page unless they've typed in the right password ($jess).
> All the print_r() stuff is just there for debugging. After a few hours
> tinkering I realized the problem was with retrieving this code from a
> database and then hitting it with eval(). That works for echo statements
> and some variables, but for whatever reason it didn't work for $jess. 
> > 
> > So then I took the code out of the database and got around the whole
> issue with eval. I hard coded the code into the main page, which has
> code for rendering the template. Clunky, but whatever, I was tight on
> time this morning. 
> > 
> > Then I ran into what seems like an even more obvious problem. The
> variable $jess was now, finally, visible, it showed up as part of the
> global variables, but now I couldn't destroy it. Still working on that
> one. Trying to do some kind of logout thing but can't overwrite the
> cookie $jess. Don't know why. 
> > 
> > 
> > 
> 
> 
> 
> 
> 
> 
Message #4 by "Nikolai Devereaux" <yomama@u...> on Mon, 24 Feb 2003 12:21:27 -0800
> And then the browser should automatically clear the cookie for you. Do
> you know how long the cookie is persisting? I had problems in the past
> where I set a cookie and tried to read it in the same script. The value
> couldn't be read until I loaded a new page (or reloaded the current
> one). Are you having a similar problem here?


This isn't so much of a "problem" as it is just the way things work.

When the client first requests a page, there are no cookies set.  The PHP
script sets a cookie by sending header content before the HTML content of
the requested page.

That means that $_COOKIE is not yet populated with cookie values, since the
client has never sent them with a new request.

When you use setcookie() to create a new cookie, or modify the value of an
existing cookie, those changes are _NOT_ immediately apparent in $_COOKIE.

$_COOKIE holds the values of whatever cookie variables the client had when
they requested the page.


Take care,

Nik

Message #5 by "Chris Koncewicz" <koncewicz@b...> on Mon, 24 Feb 2003 22:25:17 -0000
Nik,
When you say these things, it all seems so blindingly obvious! Guess I
understand why I can't set and read the same cookie in one page now..!!
Thanks for always answering these questions so clearly =)

-----Original Message-----
From: Nikolai Devereaux [mailto:yomama@u...] 
Sent: 24 February 2003 20:21
To: beginning php
Subject: [beginning_php] RE: how do I destroy a cookie?


> And then the browser should automatically clear the cookie for you. Do
> you know how long the cookie is persisting? I had problems in the past
> where I set a cookie and tried to read it in the same script. The
value
> couldn't be read until I loaded a new page (or reloaded the current
> one). Are you having a similar problem here?


This isn't so much of a "problem" as it is just the way things work.

When the client first requests a page, there are no cookies set.  The
PHP
script sets a cookie by sending header content before the HTML content
of
the requested page.

That means that $_COOKIE is not yet populated with cookie values, since
the
client has never sent them with a new request.

When you use setcookie() to create a new cookie, or modify the value of
an
existing cookie, those changes are _NOT_ immediately apparent in
$_COOKIE.

$_COOKIE holds the values of whatever cookie variables the client had
when
they requested the page.


Take care,

Nik





  Return to Index