PHP :: Bug #46639 :: setcookie with past date fails to delete cookie if path not set

Bug #46639	setcookie with past date fails to delete cookie if path not set
Submitted:	2008-11-21 15:20 UTC	Modified:	2008-11-21 23:10 UTC
From:	simon at incarnis dot com	Assigned:
Status:	Not a bug	Package:	*Web Server problem
PHP Version:	5.2.6	OS:	Solaris 10
Private report:	No	CVE-ID:	None

View Developer Edit

[2008-11-21 15:20 UTC] simon at incarnis dot com

Description:
------------
Cookie is created with an 8 hour expiry time, supplying only the name, value and expire parameters.

Attempt to remove cookie using setcookie with the same name, a null value and an expire parameter of -1 hours.

Cookie not removed.

Supplying the (supposedly optional) path parameter set to "/" successfully removes the cookie.



Reproduce code:
---------------
setcookie("user", $_SESSION[user], mktime()+(60*60*8));  


...
...

setcookie("user",NULL,mktime()-3600);       

Expected result:
----------------
Cookie should not exist.

Actual result:
--------------
Cookie does exist. Add a path parameter of "/" to the removal call and the cookie is removed.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-11-21 15:53 UTC] jani@php.net

This is just how it works. No bug here.

[2008-11-21 23:10 UTC] simon at incarnis dot com

Is this documented anywhere?
And isn't it kind of strange to call the parameter optional if it isn't?

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Fri May 09 06:01:27 2025 UTC