 |
 |
 |
 |
|
|
Date: 02/16/03
- Next message: XpeditionPilot <email protected>: "[PHP-DOC] #16111 [Com]: IIS/CGI only gives "Security Alert! PHP CGI cannot be accessed directly.""
- Next in thread: betz <email protected>: "[PHP-DOC] #22239 [Opn->Csd]: Misleading Documentation on Deleting Cookies"
- Reply: betz <email protected>: "[PHP-DOC] #22239 [Opn->Csd]: Misleading Documentation on Deleting Cookies"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
From: todd <email protected>
Operating system: any
PHP version: 4.3.0
PHP Bug Type: Documentation problem
Bug description: Misleading Documentation on Deleting Cookies
In the current version of the PHP html documentation, under the function
"setcookie(...)" it states:
If only the name argument is present, the cookie by that name will be
deleted from the remote client.
This is only partially true, as the other arguments to the function must
be called exactly as they were upon creation of the cookie. At least this
is true for Mozilla 1.1 (verified with the cookie manager), and your
documentation seems to indicate the same, when it states under "Common
Pitfalls":
Cookies must be deleted with the same parameters as they were set with.
Making this point clear from the beginning would save confusion for
developers. This is also a problem since sites that mirror the
documentation (at least zend.org) don't always include the "Common
Pitfalls" section.
Consider replacing:
If only the name argument is present, the cookie by that name will be
deleted from the remote client.
With:
If the value argument is an empty string (""), and all other arguments
match a previous call to setcookie, then the cookie with the specified
name will be deleted from the remote browser.
Also, a sample of doing this would be nice:
If in login.php you have:
<?
setcookie("UID","SOMEVALUE","/subdir","myhost.com",TRUE);
?>
You should have in logout.php:
<?
setcookie("UID","","/subdir","myhost.com",TRUE);
?>
Thanks for your attention,
Todd Willey
-- Edit bug report at http://bugs.php.net/?id=22239&edit=1 -- Try a CVS snapshot: http://bugs.php.net/fix.php?id=22239&r=trysnapshot Fixed in CVS: http://bugs.php.net/fix.php?id=22239&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=22239&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=22239&r=needtrace Try newer version: http://bugs.php.net/fix.php?id=22239&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=22239&r=support Expected behavior: http://bugs.php.net/fix.php?id=22239&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=22239&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=22239&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=22239&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=22239&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=22239&r=dst IIS Stability: http://bugs.php.net/fix.php?id=22239&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=22239&r=gnused-- PHP Documentation Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
- Next message: XpeditionPilot <email protected>: "[PHP-DOC] #16111 [Com]: IIS/CGI only gives "Security Alert! PHP CGI cannot be accessed directly.""
- Next in thread: betz <email protected>: "[PHP-DOC] #22239 [Opn->Csd]: Misleading Documentation on Deleting Cookies"
- Reply: betz <email protected>: "[PHP-DOC] #22239 [Opn->Csd]: Misleading Documentation on Deleting Cookies"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]