SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Addict AdRock952's Avatar
    Join Date
    Aug 2006
    Posts
    243
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Logout script not destroying cookies

    I have a function that is called when a user clicks on the logout button but the cookies are not getting deleted becuase when i call the function at the top of the page that checks to see if cookies exist, that code is getting executed because the cookies are still there.

    PHP Code:
    function user_logout() {
        
            
    setcookie("cookid"""time() -86400);
        
    setcookie("cookname"""time() -86400);
        
    setcookie("cookemail"""time() -86400);
        
    setcookie("cookuser"""time() -86400);
        
    setcookie("cookencid"""time() -86400);
        
    setcookie("cookencname"""time() -86400);
        
    setcookie("cookencpass"""time() -86400);
        
    setcookie("cookencemail"""time() -86400);
        
    setcookie("cookencuser"""time() -86400);
            
        
    session_unset ();
        
    session_destroy ();

    This function is getting called at the top of every page so could it be that the cookies still exist but with no values so the code is getting executed?

    PHP Code:
    function checkLogin(){
        if(isset(
    $_COOKIE['cookname']) && isset($_COOKIE['cookemail'])){
            
    $_SESSION['userid'] = $_COOKIE['cookid'];
            
    $_SESSION['username'] = $_COOKIE['cookname'];
            
    $_SESSION['email'] = $_COOKIE['cookemail'];
            
    $_SESSION['user_level'] = $_COOKIE['cookuser'];
            
    $_SESSION['encrypted_id'] = $_COOKIE['cookencid'];
            
    $_SESSION['encrypted_name'] = $_COOKIE['cookencname'];
            
    $_SESSION['encrypted_pass'] = $_COOKIE['cookencpass'];
            
    $_SESSION['encrypted_email'] = $_COOKIE['cookencemail'];
            
    $_SESSION['encrypted_user'] = $_COOKIE['cookencuser'];
        }

        
    /* Username and password have been set */
        
    if(isset($_SESSION['name']) && isset($_SESSION['pass'])){
            
    /* Confirm that username and password are valid */
            
    if(confirmUser($_SESSION['userid'], $_SESSION['username'], $_SESSION['email'],$_SESSION['user_level'],
                
    $_SESSION['encrypted_id'], $_SESSION['encrypted_name'], $_SESSION['encrypted_pass'], 
                
    $_SESSION['encrypted_email'], $_SESSION['encrypted_user']) != 0) {
                
                unset(
    $_SESSION['userid']);
                unset(
    $_SESSION['username']);
                unset(
    $_SESSION['password']);
                unset(
    $_SESSION['username']);
                unset(
    $_SESSION['email']);
                unset(
    $_SESSION['encrypted_id']);
                unset(
    $_SESSION['encrypted_name']);
                unset(
    $_SESSION['encrypted_pass']);
                unset(
    $_SESSION['encrypted_email']);
                unset(
    $_SESSION['encrypted_user']);
                return 
    false;
            }
            return 
    true;
        }
        
    /* User not logged in */
        
    else{
            return 
    false;
        }


  2. #2
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2008
    Posts
    5,757
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    setcookie() does not alter the $_COOKIE variable. The $_COOKIE variable contains the values sent by the browser when it made the http request. This is why when you set a cookie, the value is not immediately available in the $_COOKIE array. Future http requests will reflect the values.

    It's very important that you understand the difference between client side and server side. http://www.sitepoint.com/article/adv...design-primer/
    php is server side.

  3. #3
    SitePoint Addict AdRock952's Avatar
    Join Date
    Aug 2006
    Posts
    243
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The logout function does clear the cookies (which is called first on the logout page) but then the checklogin function must create them again becuase the page has changed.

    Would it be best and would it work if i call the logout function on some page then redirect to the logout page where the checklogin function is called?

  4. #4
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2008
    Posts
    5,757
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by AdRock952 View Post
    The logout function does clear the cookies (which is called first on the logout page) but then the checklogin function must create them again becuase the page has changed.

    the checklogin() function you posted does not create any cookies.

    Quote Originally Posted by AdRock952 View Post
    Would it be best and would it work if i call the logout function on some page then redirect to the logout page where the checklogin function is called?
    I'm not really sure what you're trying to do. Are you trying to log a user out? If so, why would you call checklogin() when you know they have requested to be logged out?

  5. #5
    SitePoint Addict
    Join Date
    May 2006
    Location
    Amsterdam
    Posts
    206
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I had a similar problem and created this snippet that seemed to take care of it:

    PHP Code:
        session_start();
        
    $_SESSION = array();
        if (isset(
    $_COOKIE[session_name()])) {
            
    setcookie(session_name(), ''time()-42000'/');
        }
        
    session_destroy();
        
        
    header('Location: your index page or landing page');
        exit; 


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •