How to remove 'PHPSESSID' cookie?
My application set this cookie named 'PHPSESSID' and expires at end of session. I used session_start() at beginning.
How do I force removal of this cookie without shuttind down browser?
session_destroy does not remove this cookie.
what do you mean it sets the cookie that expires at the end of the session?
is it a session variable? (i.e. $_SESSION['PHPSESSID']) or a cookie? If it's a session variable then destroying the session should've worked so I'll assume it's a cookie. You can remove it by setting it with a previous time fo it to expire
I've switched careers...
I'm NO LONGER a scientist,
but now a web developer...
From the PHP manual
Cookies must be deleted with the same parameters as they were set with. If the value argument is an empty string, or FALSE, and all other arguments match a previous call to setcookie, then the cookie with the specified name will be deleted from the remote client.
Because setting a cookie with a value of FALSE will try to delete the cookie, you should not use boolean values. Instead, use 0 for FALSE and 1 for TRUE.
When deleting a cookie you should assure that the expiration date is in the past, to trigger the removal mechanism in your browser. Examples follow how to delete cookies sent in previous example:
Example 2. setcookie() delete example
// set the expiration date to one hour ago
setcookie ("TestCookie", "", time() - 3600);
setcookie ("TestCookie", "", time() - 3600, "/~rasmus/", ".example.com", 1);
Any way to forcefully remove PHPSESSID cookie?
I think an example suffices here.
There is no setcookie() command to set the cookie. This cookie (named PHPSESSID) is created automatically and remains until browser is closed.
It seems the only way to remove this cookie while browser (Firefox) is active is to go to Edit->Preferences->Privacy->Cookies->View Cookies, select the PHPSESSID cookie and press "Remove Cookie"
deleting session cookie
I believe what you're looking for is this (example of a logout script):
If you add in the "/" as the domain, it should then delete the session cookie. You can verify by running your tests through a proxy, like The Proxomitron (great software! see exactly what exchanges are going on between the browser and your site) or just look at your cookies from within your browser. This method works for me.
session_start(); // initialize session
session_destroy(); // destroy session
setcookie("PHPSESSID","",time()-3600,"/"); // delete session cookie
Originally Posted by ploceus
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)