Menu
I currently have a cookie set as follows:
setcookie("username",$username,time()+3600*24*5);
How would I go about clearing the value of that cookie so that the user's username isn't filled in anymore?
I have it cleared as follows:
setcookie("username","",time()-60000);
The user's username still comes up though.
The HTML form:
<?php
session_start();
$username = NULL;
$password = NULL;
if(isset($_SESSION['username'])){
$username = $_COOKIE['username'];
$password = $_COOKIE['password'];
}
?>
<html>
<title>Login</title>
<body bgcolor='#000000'>
<font color="white">
<H2><div align='center'>Login</div></H2>
<form align='center' action='login.php' method='POST'>
Username: <input type='text' name='username' value='<?$_COOKIE['username']?>'><br \>
Password: <input type='password' name='password' value='<?$password?>'><br \>
Remember Me <input type='checkbox' name='remember' value='rememberme'><br \>
<input type='submit' value='Login'>
</form>
</font>
</body>
</html>
The PHP script to handle the form:
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
//Hash password in a new variable
$password2 = md5($password);
require_once "/home/a7435766/public_html/scripts/dbconnect.php";
$query = mysql_query("SELECT * FROM userstwo WHERE username = '$username' && password = '$password2'");
if((mysql_num_rows($query)) != 0) {
//Store username and password in a cookie
if($_POST['remember'] == 'rememberme') {
setcookie("username",$username,time()+3600*24*5,'','.ohjustthatguy.com');
setcookie("password",$password,time()+3600*24*2,'','.ohjustthatguy.com');
} else {
setcookie("username","",time()-10,'','.ohjustthatguy.com');
setcookie("password","",time()-10,'','.ohjustthatguy.com');
}
$_SESSION['username'] = $username;
header('Location: http://www.ohjustthatguy.com/uploads/uploads.html');
} else {
header('Location: http://www.ohjustthatguy.com/uploads/');
}
?>
Original sources on pastebin
203
Cookies are always stored in the client. The path only sets restrictions to what remote pages can access said cookies. For example, if you set a cookie with the path "/foo/" then only pages in the directory "/foo/" and subdirectories of "/foo/" can read the cookie.
You can not force a cookie to be deleted. If you need better control over what data is kept in the current session use server-side session storage. Keep only the session_id in the cookie.
A cookie in PHP is a small file with a maximum size of 4KB that the web server stores on the client computer. They are typically used to keep track of information such as a username that the site can retrieve to personalize the page when the user visits the website next time.
Be sure that you delete the cookie with the same domain name and path with which you set it. Cookies for example.com and www.example.com will be treated as two different cookies. Similarly, cookies set from example.com and example.com/Support will have different paths. A good practice is to use .example.com as the domain and '/' as the path for username type cookies so that they can be shared across your subdomains too.
To debug this, you can use the FireCookie plugin of Firefox which'll show all this information.
102
Setting its expiration to some time in the past should clear it:
setcookie("username",$username,time()-10);
If you're using PHP sessions to manage users, you'll probably also want to session_destroy()
30
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
