How to remove 'PHPSESSID' cookie?

[ploceus]

Hi. How do I force removal of a session cookie using Javascript or PHP functions?

My application set this cookie named 'PHPSESSID' and expires at end of session. I used session_start() at beginning.

How do I force removal of this cookie without shuttind down browser?
session_destroy does not remove this cookie.
Thanks.

[aj_nsc]

what do you mean it sets the cookie that expires at the end of the session?

is it a session variable? (i.e. $_SESSION['PHPSESSID']) or a cookie? If it's a session variable then destroying the session should've worked so I'll assume it's a cookie. You can remove it by setting it with a previous time fo it to expire

PHP Code:

setcookie('phpsessid','value',time()-1); 


[TJ111]

From the PHP manual

Cookies must be deleted with the same parameters as they were set with. If the value argument is an empty string, or FALSE, and all other arguments match a previous call to setcookie, then the cookie with the specified name will be deleted from the remote client.

Because setting a cookie with a value of FALSE will try to delete the cookie, you should not use boolean values. Instead, use 0 for FALSE and 1 for TRUE.

...


When deleting a cookie you should assure that the expiration date is in the past, to trigger the removal mechanism in your browser. Examples follow how to delete cookies sent in previous example:

Example 2. setcookie() delete example

PHP Code:

<?php
// set the expiration date to one hour ago
setcookie ("TestCookie", "", time() - 3600);
setcookie ("TestCookie", "", time() - 3600, "/~rasmus/", ".example.com", 1);
?>

[ploceus]

I think an example suffices here.
There is no setcookie() command to set the cookie. This cookie (named PHPSESSID) is created automatically and remains until browser is closed.

It seems the only way to remove this cookie while browser (Firefox) is active is to go to Edit->Preferences->Privacy->Cookies->View Cookies, select the PHPSESSID cookie and press "Remove Cookie"

How do I remove this cookie within PHP script? Is there a function (or Javascript) that removes it?

Thanks.

PHP Code:

<?php
ini_set("session.use_cookies", "on");
ini_set("session.use_trans_sid", "on");
session_start()
?>

[jdforsythe]

I believe what you're looking for is this (example of a logout script):

PHP Code:

session_start(); // initialize session
session_destroy(); // destroy session
setcookie("PHPSESSID","",time()-3600,"/"); // delete session cookie 


If you add in the "/" as the domain, it should then delete the session cookie. You can verify by running your tests through a proxy, like The Proxomitron (great software! see exactly what exchanges are going on between the browser and your site) or just look at your cookies from within your browser. This method works for me.

I think an example suffices here.
There is no setcookie() command to set the cookie. This cookie (named PHPSESSID) is created automatically and remains until browser is closed.

It seems the only way to remove this cookie while browser (Firefox) is active is to go to Edit->Preferences->Privacy->Cookies->View Cookies, select the PHPSESSID cookie and press "Remove Cookie"

How do I remove this cookie within PHP script? Is there a function (or Javascript) that removes it?

Thanks.

PHP Code:

<?php
ini_set("session.use_cookies", "on");
ini_set("session.use_trans_sid", "on");
session_start()
?>