views:

124

answers:

1

Hi there, I have a strange problem to clear Cookie via PHP.

Lets say if I have a domain neobie.net I store "remember user login" cookie name as "USER_INFO" which contains string to identify user login in the next time of revisit.

now using firefox, I saw that I have 2 cookies USER_INFO with domain "www.neobie.net" and ".neobie.net" with expiration date of 1 week later.

I wrote a logout.php script, which clear the cookie of different domain (.neobie.net, www.neobie.net, neobie.net) to ensure that USER_INFO cookie is completely cleared for different domain.

Now is the problem. The user isn't able to clear the cookie when user visit logout.php

I found out that, I have to manually delete the cookie with domain "www.neobie.net", leaving the ".neobie.net " intact, then only the cookie can be cleared.

So, I have to make the php script to setcookie USER_INFO on ".neobie.net", and prevent it to set cookie on "www.neobie.net" to make the logout.php script work.

But I don't understand why I couldn't clear the cookie for "www.neobie.net" (with leading www. , tested on firefox and chrome)

+1  A: 

You have overlapping cookie domains. www.neobie.net will receive cookies set on the .neobie.net. So there is no need to set the same cookie on both domains.

If your logout URL starts with http://www.neobie.net, you should be able to clear cookies on www.neobie.net domain. A HTTP header trace will help.

ZZ Coder
Yup, i understand that www.neobie.net can receive cookie set for domain .neobie.net , but due to some careless in scripting, I didnt specify the domain for setcookie() and therefore www.neobie.net domain cookie is set.Now I want to know how to clear the cookie even if it is www.neobie.net . Indeed, I logout from www.neobie.net, but the www.neobie.net domain cookie simply cannot be cleared out.
neobie