cookie does not respond to setcookie() command?

Matt_Kindig

Hey everyone,

I'm working on a site that's experiencing some cookie craziness. The site uses sessions and cookies to store user information, with the cookies used to automatically log the user in if they have visited within the last 30 days. I also have a number of admin accounts (at various administrator levels) that some users also have.

The problem is, when I log in to the site under one user or admin account, logout, and re-login under another user or admin account, the cookie retains the value of the originally logged-in account. Closing the browser doesn't work--the cookie's value doesn't change. I've tested this on multiple browsers so I don't think it's a browser issue.

This is the script to logout:

    $_SESSION = array();
    if (isset($_COOKIE[session_name()])) {
	setcookie(session_name(), '', time()-42000, '/');
    }
    if (isset($_COOKIE['fullname'])) {
	setcookie('fullname','',time()-42000,'/');
	unset($_COOKIE['fullname']);
    }
    session_destroy();
  }

and this is part of the login script that sets the cookie:

session_start();
if (isset($_SESSION['fullname']) ) {
	setcookie('fullname',$_SESSION['fullname'],time()+60*60*24*30); 
}

Any suggestions?

Gasolene

why not just stick with sessions, cookies are not going to be around much longer as most browsers destory all cookies on exit.

you could use a text file or database to log users by IP and use sessions while the user is logged in.

as far as your code below, i can't see why the cookie is not being unset but I've not used cookies in a long time.

Weedpacket

Originally posted by Gasolene
most browsers destory all cookies on exit.

Session cookies, sure; but where'd you hear that about cookies in general?

Matt_Kindig

Strangely enough, the session cookie is destroyed and reset (i.e. the PHPSESSID changes) when I re-login under a different user, but for some reason the 'persistent' cookies aren't unset.

So I'm still not sure what's going on here.