How to clear cookies from clients via PHP or Javascript?

R

run1822021-02-02 12:24:13

PHP

run182, 2021-02-02 12:24:13

There is a doubling of sessions on the 1C-Bitrix website. There were problems in the settings - they were solved.
But clients need to clear their cookies. How can you do this (but not ask them about it)?
Tried like this, but it doesn't work:

session_abort();
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
}
session_destroy();
unset($_SESSION);
unset($_COOKIE);

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

N

nokimaro, 2021-02-02
@run182

To delete a cookie, the cookie name and passing Expiration are not enough.
You need to send a cookie to the browser with exactly the same parameters with which it was set
. All flags affect here: path, domain, secure, httponly, samesite
For example PHPSESSID for site.ru and PHPSESSID for . site.ru are two different cookies.
That is, you need to determine exactly which cookie to remove, taking into account the flags with which it was set. You can see this in dev tools, in the Application -> Storage -> cookies tab