does not erase cookies in chrome PHP

Navigation
1

It turns out that I have a file salir.php that closes the sessions of the user and also in case the user has marked the option "remember me" the cookies are also deleted .. but in chrome it does not erase the cookies to me then it never leaves the page (it does a route of exit.php - > index.php - > main-php ) when finding still the set cookies it returns to the main .php and I can never close the session, the weird thing is that if I try it in the Edge browser, it goes perfectly .. why is that?

  

I attach the file salir.php where I delete the cookies 

    session_start();
session_destroy();
unset($_SESSION["usuario"]);
unset($_SESSION["admin"]);
unset($_SESSION["idUsuario"]);
unset($_SESION["fotoperfil"]);
unset($_SESSION["tiempo"]);
setcookie ("marca_aleatoria_usuario_dw", "", 1,'/',false,false);
setcookie("idusuario","",1,"/",false, false);
unset($_COOKIE['idusuario']);
unset($_COOKIE['marca_aleatoria_usuario_dw']);
//setcookie("idusuario", "", time() - 3600, "/");
//setcookie("marca_aleatoria_usuario_dw", "", time() - 3600, "/");
header("Location: ../index.php");
    
asked by fer 11.05.2017 в 07:10
source

2 answers

2

After thoroughly investigating the problem, we found that by indicating a route in the creation ('/') the cookie was created on a higher domain with a prefix point ".", so when receiving the order to erase the the cookie for the full domain Edge deleted it but Chrome did not, because it did not match exactly.

We made the following modifications so that everything worked correctly:

Creating cookies 

setcookie(
  'marca_aleatoria_usuario_dw',
  $numero_aleatorio,
  time() + (60 * 60 * 24 * 365),
  '/',
  $_SERVER['HTTP_HOST']
);
setcookie(
  'idusuario',
  $iduser,
  time() + (60 * 60 * 24 * 365),
  '/',
  $_SERVER['HTTP_HOST']
);

They are created with a duration of one year, with the options to configure the '/' directory of the website and for the domain that contains the server.

Deleting cookies 

setcookie(
  'marca_aleatoria_usuario_dw',
  '',
  time() - 3600,
  '/',
  $_SERVER['HTTP_HOST']
);
setcookie(
  'idusuario',
  '',
  time() - 3600,
  '/',
  $_SERVER['HTTP_HOST']
);

As now exactly match the cookie creation data with the deletion data, the browser does not have the possibility of being mistaken for a cookie when deleting it or deciding not to do it because no field coincides.

Initial response

The superglobal variable $_COOKIES does not create or destroy cookies in the browser. Its content is generated during the start of the execution of the script with the content of the cookies sent to the server by the browser ( more information ).

That is, neither of these two lines works: 

/* Esto no crea una cookie llamada "nueva_cookie" */
$_COOKIE['nueva_cookie'] = 'NUEVA COOKIE';    
/* Esto no borra una cookie llamada "vieja_cookie" */
unset($_COOKIE['vieja_cookie'];

Instead you should use the setcookie() function in the following way: 

/* Esto SÍ crea una cookie llamada "nueva_cookie" */
setcookie('nueva_cookie', 'NUEVA COOKIE');
/* Esto SÍ provoca el borrado de la cookie "vieja_cookie" */
setcookie('vieja_cookie', '', time() - 3600);
/* Sólo por cortesía y para que el resto del script tenga conocimiento
 de la nueva cookie "nueva_cookie" y del borardo de "vieja_cookie" */
$_SESSION['nueva_cookie'] = 'NUEVA COOKIE';
unset($_SESSION['vieja_cookie']);

The third parameter indicates when the cookie should expire (by default it lasts until the browser closes). If we indicate a date in the past it will cause it to be deleted from the browser.

In practice the server generates a HTTP header Set-Cookie: vieja_cookie=deleted; ...; ; Max-Age=-3600 to create a new cookie "vieja_cookie" with a value "deleted" and, in addition, with a maximum negative age that causes it to be immediately discarded (deleted).

To end the sessions managed by PHP (assuming a session already started with session_start() ) you need to do the following: 

// Si se desea destruir la sesión completamente, borre también la cookie de sesión.
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
}
/* Borramos los datos de sesión (pero no su archivo asociado) */
unset($_SESSION);
// Finalmente, destruir la sesión.
session_destroy();
    
answered by 11.05.2017 / 09:10
source
0

Try to make cookies expire without having to log out. 

setcookie("tucookie", "tuvalor", 1);

add, 1 to the unset.

    
answered by 11.05.2017 в 07:32
Different types of data in a C array Doubt about operator in c ++