How to destroy the session cookie correctly with PHP?
Maybe your problem is not the cookie, but the browser showing a cached version of your admin page. Could that be? If it disappears when you hit F5, it's probably that. This can be sorted by setting the right cache-control
headers.
Check out this SO question on the issue of how to set caching. The question is about exactly the other way round (forcing browsers to cache) but you'll figure out what to change to turn caching off.
Deleting session cookies with PHP
Here you go, you need to delete in a loop:
//when dealing with session always add session_start() on top
session_start();
//From PHP manual: Unset all of the session variables.
//No need to do in a loop for all $_SESSION[] keys
$_SESSION = array();
//For cookies you do similar, from PHP docs:
//http://php.net/manual/en/function.setcookie.php#73484
if (isset($_SERVER['HTTP_COOKIE'])) {
$cookies = explode(';', $_SERVER['HTTP_COOKIE']);
foreach($cookies as $cookie) {
$parts = explode('=', $cookie);
$name = trim($parts[0]);
setcookie($name, '', time()-1000);
setcookie($name, '', time()-1000, '/');
}
}
session_destroy();
PS: from PHP manual:
Only use
session_unset()
for older deprecated code that does not use
$_SESSION
. so don't use that.session_destroy()
destroys all of the
data associated with the current session. It does not unset any of the
global variables associated with the session, or unset the session
cookie.
To be safe call session_regenerate_id()
upon login, logout, and sensitive areas of the script.
How to delete a Session Cookie
You're correct in saying there is no way to do this in PHP, what you can do instead if you want to remove a cookie is to set the expiry to be at a time in the past:
// Set to 1 second in the past, this will invalidate the cookie.
setcookie("cookie_name", "", time() - 1, "/");
It is also a good idea to unset the cookie index within the $_COOKIE
global since it can exist in there as the rest of the page is parsed.
unset($_COOKIE["cookie_name"])
Sessions and cookies, if I destroy a session will the cookie go away? (PHP)
here is the link in which you can find the answer of your question:
http://www.codeflask.com/2012/08/why-session-destroy-when-remove-my.html
And the actual answer (cited from the link) is:
Session is destroyed automatically when cookies removed the reason is whenever the session is created it also stores its id in a cookie so that's why session destroyed automatically.
Best way to completely destroy a session - even if the browser is not closed
According to the manual, there's more to do:
In order to kill the session altogether, like to log the user out, the session id must also be unset. If a cookie is used to propagate the session id (default behavior), then the session cookie must be deleted. setcookie() may be used for that.
The manual link has a full working example on how to do that. Stolen from there:
<?php
// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();
// Unset all of the session variables.
$_SESSION = array();
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
// Finally, destroy the session.
session_destroy();
?>
Remove a cookie
You May Try this
if (isset($_COOKIE['remember_user'])) {
unset($_COOKIE['remember_user']);
setcookie('remember_user', null, -1, '/');
return true;
} else {
return false;
}
Related Topics
How to Get the Unicode Value of a Character or Vise Versa with PHP
How to Get Previous Month and Year Relative to Today, Using Strtotime and Date
How to Make PHP Generate Chunked Response
Why Does Tcpdf Ignore My Inline CSS
How to Call the Constructor with Call_User_Func_Array in PHP
Php/Regex: How to Get the String Value of HTML Tag
Any Way to Specify Optional Parameter Values in PHP
Rerouting All PHP Requests Through Index.Php
How to Include Authorization Header in Curl Post Http Request in PHP
Exotic Names for Methods, Constants, Variables and Fields - Bug or Feature
How to Detect Country/Location of Visitor
Pdo Fetch One Column from Table into 1-Dimensional Array
What Is the Use of '\G' Anchor in Regex
Unset a Column in a Multidimensional Array
Select Count() VS MySQL_Num_Rows();
Store Procedures in PHPmyadmin