Home > Article > Backend Development > In-depth explanation of PHP cookie deletion techniques_PHP tutorial
In-depth explanation of PHP cookie deletion techniques_PHP tutorial
- WBOYOriginal
- 2016-07-15 13:34:57824browse
First, let’s take a look at the instructions on deleting cookies in PHP manual
bool setcookie ( string name [, string value [, int expire [, string path [, string domain [, bool secure]]]]] )
To delete a cookie, you need to ensure that its expiration date is in the past to trigger the browser's deletion mechanism. The following example illustrates how to delete the cookie just set: Example 2. setcookie() Delete
Example
// Set the expiration time to one hour ago
setcookie("TestCookie", "" , time() - 3600);
setcookie("TestCookie", "", time() - 3600, "/~rasmus/", ".utoronto.ca", 1);
PHP The way to delete a cookie is to set the validity period of the cookie to before the current time, which is what almost all PHP programmers do.
Later, a friend who was new to PHP told me that he wanted to set the value of a cookie to empty in the program, but the cookie was deleted directly. My first reaction at the time was that I didn’t believe it, so I tested it
setcookie("testcookie", '');
print_r($_COOKIE);
The result was indeed the entire $ The _COOKIE array is all empty, not just $_COOKIE['testcookie']. So I used winsock to capture the packet and observed the returned http header. I found that the http header turned out to be Set-Cookie: testcookie=deleted; expires=Mon, 18 -Jun-2007 02:42:33 GMT. This shows that setcookie("testcookie", ''); indeed deletes the testcookie cookie directly. There is no explanation about this situation in the PHP manual.
Finally read the PHP delete cookie source code, and finally Discover the truth (this is the benefit of open source, if there is any unclear inside story, check the source code directly)
The following PHP cookie deletion code can be found in the linux source package of PHP5.20 in ext/standard/head.c No. 99 Found near the line.
<ol class="dp-xml">
<li class="alt"><span><span>if (value && </span><span class="attribute">value_len</span><span> == 0) { </span></span></li>
<li><span>/* </span></li>
<li class="alt"><span>* MSIE doesn't delete a cookie when <br>you set it to a null value </span></li>
<li><span>* so in order to force cookies to be <br>deleted, even on MSIE, we </span></li>
<li class="alt"><span>* pick an expiry date 1 year and 1 <br>second in the past </span></li>
<li><span>*/ </span></li>
<li class="alt">
<span>time_t </span><span class="attribute">t</span><span> = </span><span class="attribute-value">time</span><span>(NULL) - 31536001; </span>
</li>
<li>
<span class="attribute">dt</span><span> = </span>PHP<span class="attribute-value">_format_date</span><span>("D, d-M-Y H:i:s <br>T", sizeof("D, d-M-Y H:i:s T")-1, t,<br> 0 TSRMLS_CC); </span>
</li>
<li class="alt">
<span>sprintf(cookie, "Set-Cookie: <br>%</span><span class="attribute">s</span><span>=</span><span class="attribute-value">deleted</span><span>; </span><span class="attribute">expires</span><span>=%s", name, dt); </span>
</li>
<li><span>efree(dt); </span></li>
<li class="alt"><span>} else { </span></li>
<li>
<span>sprintf(cookie, "Set-Cookie: %</span><span class="attribute">s</span><span>=%s", <br>name, value ? encoded_value : ""); </span>
</li>
<li class="alt">
<span>if (expires </span><span class="tag">></span><span> 0) { </span>
</li>
<li>
<span>strcat(cookie, "; </span><span class="attribute">expires</span><span>="); </span>
</li>
<li class="alt">
<span class="attribute">dt</span><span> = </span>PHP<span class="attribute-value">_format_date</span><span>("D, d-M-Y H:i:s T", <br>sizeof("D, d-M-Y H:i:s T")-1, <br>expires, 0 TSRMLS_CC); </span>
</li>
<li><span>strcat(cookie, dt); </span></li>
<li class="alt"><span>efree(dt); </span></li>
<li><span>} </span></li>
<li class="alt"><span>} </span></li>
</ol>
is clearly shown in the source code, if (value && value_len == 0), when value_len is 0
sprintf( cookie, "Set-Cookie: %s=deleted; expires=%s", name, dt);
will send the http header of PHP to delete the cookie to the browser. Finally, we can conclude that in PHP Using
setcookie($cookiename, ''); or setcookie($cookiename, NULL);
will realize PHP deletion of cookies. Of course, these manuals do not include it.