PHP - Cookie 不起作用?

发布于 2024-10-07 13:51:52 字数 454 浏览 12 评论 0原文

为什么我无法删除这个 Cookie?

当用户登录时,authenticate_user() 就会运行。当用户注销时,运行 logout()。当类运行时,状态通过 update_status() 生成。

如何终止状态 cookie?无论我尝试什么,它都存在并且用户无法注销。

[代码已删除]

解决了。

删除 cookie 时,您必须指定 cookie 可以访问哪些目录。

Not Deleted
setcookie("status", "", (time()+3600), '/');
setcookie("status", "", (time()-3600));

Deleted
setcookie("status", "", (time()+3600), '/');
setcookie("status", "", (time()-3600), '/');

Why can't I delete this Cookie?

When a user logs in authenticate_user() is run. When the user logs out logout() is run. When the class is run status is generated via update_status().

How do I kill the status cookie? No matter what I try it exists and the user cannot log out.

[CODE REMOVED]

Solved it.

When deleting a cookie you must specify what directories the cookie can access.

Not Deleted
setcookie("status", "", (time()+3600), '/');
setcookie("status", "", (time()-3600));

Deleted
setcookie("status", "", (time()+3600), '/');
setcookie("status", "", (time()-3600), '/');

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

怂人 2024-10-14 13:51:52

状态是会话cookie吗?如果是,则 $_COOKIE['status'] 将不存在。

使用 session_destroy() 删除它,首先确保页面顶部有 session_start() (这可能就是您遇到会话无法正常工作问题的原因) 。

Is status a session cookie? If it is then $_COOKIE['status'] won't exist.

Use session_destroy() to remove it, make sure you have session_start() at the top of the page first though (this is probably why your having problems with sessions not working).

内心旳酸楚 2024-10-14 13:51:52

试试这个吧...

setcookie("status", "", time()-3600, "");

Try this instead...

setcookie("status", "", time()-3600, "");
迟月 2024-10-14 13:51:52

这是一个灰色地带。

首先要注意的是,您试图通过将 cvookie 的到期时间设置为一小时前来删除它 - 但您的脚本运行在哪个时区?客户位于哪个时区?

另外,我还看到过这样的行为,这似乎是由浏览器在将过期时间设置为过去的日期(过去的 - 不是时区的事情)时挂在cookie上所解释的行为。

仅仅存在 cookie 绝对不应该被视为身份验证的证据 - 这应该是存储在服务器端的数据的句柄。因此解决方案是将 cookie 的 VALUE 覆盖为无意义的值 - 不更改其过期时间。

This is a bit of a grey area.

First thing of note is that you are trying to delete the cvookie by setting its expiry to an hour ago - but what time zone is your script running in? And what time zone is the client in?

Also, I've seen behaviour which seems to be explained by browsers hanging on to cookies when the expiry time is subsequently set to a date in the past (long in the past - not a timezone thing).

The mere presence of a cookie should NEVER be treated as evidence of authentication - this should be a handle to data stored serverside. So the solution is to overwrite the VALUE of the cookie to a nonsense value - not change its expiry time.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文