Deleting cookies [message #169820] |
Mon, 27 September 2010 16:58 |
MikeB
Messages: 65 Registered: September 2010
Karma: 0
|
Member |
|
|
As I understand it, detting and deleting cookies has to be done *before*
any other text or headers are sent to the browser.
So, should this example delete all cookies that my session can see?
There is one cookie that seems to live beyond this, and I can't figure
out why.
Thanks
--------------
<?php
foreach ($_COOKIE as $ck => $c) {
$cookies = array();
$exp = time()-3600;
$result = setcookie($ck, $c, $exp);
$cookies[] = "<br />Result = $result (setcookie($ck, $c,
$exp)";
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Delete cookies</title>
</head>
<body>
<?php
echo "<pre>";
print_r( $cookies);
echo "</pre>";
?>
</body>
</html>
|
|
|
Re: Deleting cookies [message #169821 is a reply to message #169820] |
Mon, 27 September 2010 17:36 |
Michael
Messages: 9 Registered: September 2010
Karma: 0
|
Junior Member |
|
|
On 9/27/2010 11:58 AM, MikeB wrote:
> As I understand it, detting and deleting cookies has to be done *before*
> any other text or headers are sent to the browser.
>
> So, should this example delete all cookies that my session can see?
>
> There is one cookie that seems to live beyond this, and I can't figure
> out why.
Do all of the cookies have the same path parameter? I believe all
arguments to setcookie() when unsetting must be supplied as they were
supplied when the cookie was created. That includes, the domain, path,
and https.
Have a look at the cookie contents with Firefox+Firebug+Firecookie or
Chrome's Developer Tools.
--
Michael
|
|
|
Re: Deleting cookies [message #169823 is a reply to message #169821] |
Mon, 27 September 2010 18:19 |
MikeB
Messages: 65 Registered: September 2010
Karma: 0
|
Member |
|
|
Michael wrote:
> On 9/27/2010 11:58 AM, MikeB wrote:
>> As I understand it, detting and deleting cookies has to be done *before*
>> any other text or headers are sent to the browser.
>>
>> So, should this example delete all cookies that my session can see?
>>
>> There is one cookie that seems to live beyond this, and I can't figure
>> out why.
>
> Do all of the cookies have the same path parameter? I believe all
> arguments to setcookie() when unsetting must be supplied as they were
> supplied when the cookie was created. That includes, the domain, path,
> and https.
>
> Have a look at the cookie contents with Firefox+Firebug+Firecookie or
> Chrome's Developer Tools.
OK, so that implies that there is a parameter (attribute) of a cookie
that is NOT in the $_COOKIE variable that is required to know before one
can delete a cookie? Hmm...
Thanks.
|
|
|
Re: Deleting cookies [message #169824 is a reply to message #169821] |
Mon, 27 September 2010 18:48 |
MikeB
Messages: 65 Registered: September 2010
Karma: 0
|
Member |
|
|
Michael wrote:
>
> Have a look at the cookie contents with Firefox+Firebug+Firecookie or
> Chrome's Developer Tools.
OK, now this is perhaps not a PHP topic anymore, so if someone know the
right place for this, please tell me.
The cookie I'm struggling with is one named "mbcc" without, of course,
the quotes.
If I search for it in my list of cookies that Firefox has, I find 6
instances of this cookie, for the following sites:
answers.oreilly.com
forums.oreilly.com
localhost
mrsfields.com
oreilly.com
oreillynet.com
The content on each site is different, as is the expiry time.
In all instances the path is "/" (again, no quotes).
So why does the code in the OP not delete this cookie (at least for
localhost where I'm testing)?
If localhost updates the cookie, then the contents of this cookie is not
visible, for instance, on the mrsfields.com site, right?
So the assumption I can make here is that there is some common code
running on oreilly and mrsfields that uses a cookie named mbcc?
But what about localhost? How did the cookie come to be here?
I'm running EasyPHP with Apache, MySQL, and phpMyAdmin as stuff that has
localhost addresses and then of course my own testing.
But even before I created a cookie, this cookie exists. So now I assume
that one of those three products mentioned above creates and uses this
mbcc cookie? Is that right?
When I added the path argument to the setcookie call, the cookie did get
deleted, but now I don't understand, since / is the default path, it
*should* have been deleted on my first attempt?
PS. i did try and google that cookie name, but I got flooded by
irrelevant hits. :(
Confused,
Mike
|
|
|
Re: Deleting cookies [message #169827 is a reply to message #169824] |
Mon, 27 September 2010 19:49 |
Jerry Stuckle
Messages: 2598 Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 9/27/2010 2:48 PM, MikeB wrote:
> Michael wrote:
>>
>> Have a look at the cookie contents with Firefox+Firebug+Firecookie or
>> Chrome's Developer Tools.
>
> OK, now this is perhaps not a PHP topic anymore, so if someone know the
> right place for this, please tell me.
>
> The cookie I'm struggling with is one named "mbcc" without, of course,
> the quotes.
>
> If I search for it in my list of cookies that Firefox has, I find 6
> instances of this cookie, for the following sites:
>
> answers.oreilly.com
> forums.oreilly.com
> localhost
> mrsfields.com
> oreilly.com
> oreillynet.com
>
> The content on each site is different, as is the expiry time.
>
> In all instances the path is "/" (again, no quotes).
>
> So why does the code in the OP not delete this cookie (at least for
> localhost where I'm testing)?
>
> If localhost updates the cookie, then the contents of this cookie is not
> visible, for instance, on the mrsfields.com site, right?
>
> So the assumption I can make here is that there is some common code
> running on oreilly and mrsfields that uses a cookie named mbcc?
>
> But what about localhost? How did the cookie come to be here?
>
> I'm running EasyPHP with Apache, MySQL, and phpMyAdmin as stuff that has
> localhost addresses and then of course my own testing.
>
> But even before I created a cookie, this cookie exists. So now I assume
> that one of those three products mentioned above creates and uses this
> mbcc cookie? Is that right?
>
> When I added the path argument to the setcookie call, the cookie did get
> deleted, but now I don't understand, since / is the default path, it
> *should* have been deleted on my first attempt?
>
> PS. i did try and google that cookie name, but I got flooded by
> irrelevant hits. :(
>
> Confused,
> Mike
>
>
Yes, other domains are setting cookies in your browser, also. This is
quite normal. Whether or not it is similar code is unknown (and
immaterial).
You can only access cookies from the domain for which the cookie is set.
You cannot access, delete or otherwise do anything to a cookie from
any other domain.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
Re: Deleting cookies [message #169851 is a reply to message #169823] |
Tue, 28 September 2010 13:37 |
Michael
Messages: 9 Registered: September 2010
Karma: 0
|
Junior Member |
|
|
On 9/27/2010 1:19 PM, MikeB wrote:
> OK, so that implies that there is a parameter (attribute) of a cookie
> that is NOT in the $_COOKIE variable that is required to know before one
> can delete a cookie? Hmm...
It sounds like you've got the mystery cookie sorted out and are
beginning to understand better in your other thread. But, yes - there
are additional cookie parameters not readable in the $_COOKIE
superglobal. $_COOKIE only contains key=>value pairs since the client
browser is responsible for determining which domain and path a cookie
should be sent in the first place. PHP doesn't need to know the paths &
domains since the web server should never receive the cookie for an
invalid domain or path.
But if you set the cookie yourself, then you know the correct domain &
path to unset it.
--
Michael
|
|
|