如何删除我的网站所有cookies

I'm wondering if I can delete all my website's cookies when a user click on logout, because I used this as function to delete cookies but it isn't work properly:

我想知道当用户点击登出时我是否可以删除我网站上所有的cookie，因为我用这个函数来删除cookie，但是它不能正常工作:

setcookie("user",false);

Is there a way to delete one domain's cookies in PHP?

是否有一种方法可以在PHP中删除一个域的cookie ?

11 个解决方案

#1

146

PHP setcookie()

Taken from that page, this will unset all of the cookies for your domain:

从该页取出，这将取消您的域名的所有cookies:

// unset cookies
if (isset($_SERVER['HTTP_COOKIE'])) {
    $cookies = explode(';', $_SERVER['HTTP_COOKIE']);
    foreach($cookies as $cookie) {
        $parts = explode('=', $cookie);
        $name = trim($parts[0]);
        setcookie($name, '', time()-1000);
        setcookie($name, '', time()-1000, '/');
    }
}

http://www.php.net/manual/en/function.setcookie.php#73484

http://www.php.net/manual/en/function.setcookie.php # 73484

#2

$past = time() - 3600;
foreach ( $_COOKIE as $key => $value )
{
    setcookie( $key, $value, $past, '/' );
}

Even better is however to remember (or store it somewhere) which cookies are set with your application on a domain and delete all those directly.
That way you can be sure to delete all values correctly.

然而，更好的是记住(或存储在某处)哪些cookie是与应用程序在域上设置的，并直接删除所有这些cookie。这样，您就可以确保正确地删除所有值。

#3

I agree with some of the above answers. I would just recommend replacing "time()-1000" with "1". A value of "1" means January 1st, 1970, which ensures expiration 100%. Therefore:

我同意上面的一些答案。我建议将“time()-1000”替换为“1”。“1”的值意味着1970年1月1日，该值可确保100%到期。因此:

setcookie($name, '', 1);
setcookie($name, '', 1, '/');

#4

make sure you call your setcookie function before any output happens on your site.

确保在站点上发生任何输出之前调用setcookie函数。

also, if your users are logging out, you should also delete/invalidate their session variables.

此外，如果您的用户正在注销，您还应该删除/使其会话变量无效。

#5

When you change the name of your Cookies, you may also want to delete all Cookies but preserve one:

当您更改您的cookie名称时，您可能还想删除所有cookie，但保留一个:

if (isset($_COOKIE)) {
    foreach($_COOKIE as $name => $value) {
        if ($name != "preservecookie") // Name of the cookie you want to preserve 
        {
            setcookie($name, '', 1); // Better use 1 to avoid time problems, like timezones
            setcookie($name, '', 1, '/');
        }
    }
}

Also based on this PHP-Answer

也是基于这个PHP-Answer

#6

You should be aware of various tracking tools like Google Analytics also use cookies on your domain and you don't want to delete them, if you want to have correct data in GA.

您应该了解各种跟踪工具，如谷歌Analytics也在您的域上使用cookie，如果您希望在GA中拥有正确的数据，则不希望删除它们。

The only solution I could get working was to set the existing cookies to null. I couldn't delete the cookies from the client.

我能得到的唯一解决方案是将现有cookie设置为null。我无法从客户端删除cookie。

So for logging a user out I use the following:

因此，对于登录用户，我使用以下方法:

setcookie("username", null, time()+$this->seconds, "/", $this->domain, 0);
setcookie("password", null, time()+$this->seconds, "/", $this->domain, 0);

Of course this doesn't delete ALL cookies.

当然，这不会删除所有的cookie。

#7

I know this question is old, but this is a much easier alternative:

我知道这个问题由来已久，但这是一个简单得多的选择:

header_remove();

But be careful! It will erase ALL headers, including Cookies, Session, etc., as explained in the docs.

但是要小心!它将删除所有的标头，包括cookie、会话等。

#8

All previous answers have overlooked that the setcookie could have been used with an explicit domain. Furthermore, the cookie might have been set on a higher subdomain, e.g. if you were on a foo.bar.tar.com domain, there might be a cookie set on tar.com. Therefore, you want to unset cookies for all domains that might have dropped the cookie:

所有先前的答案都忽略了setcookie可以用于显式域。此外，cookie可能已经设置在更高的子域上，例如，如果您在foo.bar.tar.com域中，可能会在tar.com上设置一个cookie。因此，您想要为可能丢失cookie的所有域释放cookie:

$host = explode('.', $_SERVER['HTTP_HOST']);

while ($host) {
    $domain = '.' . implode('.', $host);

    foreach ($_COOKIE as $name => $value) {
        setcookie($name, '', 1, '/', $domain);
    }

    array_shift($host);
}

#9

Use the function to clear cookies:

使用该函数清除cookies:

function clearCookies($clearSession = false)
{
    $past = time() - 3600;
    if ($clearSession === false)
        $sessionId = session_id();
    foreach ($_COOKIE as $key => $value)
    {
        if ($clearSession !== false || $value !== $sessionId)
            setcookie($key, $value, $past, '/');
    }
}

If you pass true then it clears session data, otherwise session data is preserved.

如果您传递true，那么它将清除会话数据，否则会话数据将被保留。

#10

The provided Answers did not solve my problem,

提供的答案并不能解决我的问题，

It did not:

它没有:

Remove parent domain cookies (from a.b.c; remove b.c; cookies),
删除父域cookie(从a.b.c;公元前删除;饼干),
Remove cookies from a higher path other then root.
从更高的路径删除cookies，然后删除root。

My script does, see.

我的脚本,请参阅。

<?php function unset_cookie($name)
{
    $host = $_SERVER['HTTP_HOST'];
    $domain = explode(':', $host)[0];

    $uri = $_SERVER['REQUEST_URI'];
    $uri = rtrim(explode('?', $uri)[0], '/');

    if ($uri && !filter_var('file://' . $uri, FILTER_VALIDATE_URL)) {
        throw new Exception('invalid uri: ' . $uri);
    }

    $parts = explode('/', $uri);

    $cookiePath = '';
    foreach ($parts as $part) {
        $cookiePath = '/'.ltrim($cookiePath.'/'.$part, '//');

        setcookie($name, '', 1, $cookiePath);

        $_domain = $domain;
        do {
            setcookie($name, '', 1, $cookiePath, $_domain);
        } while (strpos($_domain, '.') !== false && $_domain = substr($_domain, 1 + strpos($_domain, '.')));
    }
}

It is not the most pretty/safe/optimal solution, so use this only if you do not known the cookie-path and/or cookie-domain's. Or use the idea in order to create your version.

它不是最漂亮/安全/最优的解决方案，所以只有当您不知道cookie-path和/或cookie-domain的解决方案时才使用它。或者使用这个想法来创建你的版本。

#11

-1

<?php
      parse_str(http_build_query($_COOKIE),$arr);
      foreach ($arr as $k=>$v) {
        setCookie("$k","",1000,"/");
      }

#1

146