Hi, as a security measure, I'm trying to replace the PHPSESSID cookie that automatically gets generated with a different one of my own. What I can't seem to do is delete any cookies that I've generated, including the PHPSESSID one.
setcookie(session_name(),'', time() - 36000);
is the line I'm using to try and delete the cookie, but after the page loads in NS7, I check the Cookie manager and PHPSESSID is still there, with the session ID (its not even setting the cookie to a '' as the above line should).
Another cookie I created to test to see if cookies were enabled in the user's browser also isn't being deleted.
Am I missing something really obvious here as I'm tearing out what little hair I left!
FYI, the session ID I'm sending to the client is an index into a DB which contains the actual Session ID, which is then read and used, but a check is also made against the IP - adding a bit of security and protection against Session hijacking.
Any help would be appreciated.
Regards
Steve Childs.
