I don't seem to be able to delete a cookie programatically in my script. Setting it is no problem, and if I delete it manually in firefox, everything works as intended. When I "log out" of my site, the logout script seems to work as intended, but then if I go to another page, I am still logged in. Also, the logout script is supposed to delete the cookie, but I never see it disappear in firefox unless I delete it manually.
The only other thing I can think of is a problem with various scripts being in different directories. The session include is in an /includes folder and the login (sets the cookie) and logout (deletes) are in the /user folder. The page so far that I'm seeing that keeps me logged in is the home page, but all others probably have the same problem.
I'm using $SESSION['user_id'] to determine if they are currently logged in, and $COOKIE['user_id'] if they choose to stay logged in between visits. If the session variable isn't set, I check to see if the cookie variable is and then use that. Right now, these are the only cookie or session variables I'm using. If the "Keep me logged in" option is not used, everything works fine.
This is included
session_name('YourSession');
session_start();
if (!isset($_SESSION['user_id'])) { //if session variable isn't set, check cookie value
if (isset($_COOKIE['user_id'])) $_SESSION['user_id'] = $_COOKIE['user_id'];
}
Then this is the main code of the logout script
unset($_SESSION['user_id']); //delete session variable so they are no longer logged in
if (isset($_COOKIE['uesr_id'])) { //delete the user_id cookie if they have it set so that they are not auto-logged in
setcookie('user_id', '', time()-3600, '/', '', 0);
}
I see the cookie show up instantly when it's created, but there is no evidence of it being deleted.
No other code references the session or cookie variables after this, so there should be nothing re-creating a new cookie.
Any ideas?
Thanks
