PHP Australia Conference 2015
add a note add a note

User Contributed Notes 2 notes

up
1
Anonymous
6 years ago
Try also
* INI_Get('session.cookie_lifetime')
* INI_Get('session.cookie_path')
* INI_Get('session.cookie_domain')
* INI_Get('session.cookie_secure')
* INI_Get('session.cookie_httponly')
separately instead of session_Get_Cookie_Params().

Additionally there is a "bug" - session.cookie_lifetime is mentioned twice in the description.
up
0
powerlord at spamless dot vgmusic dot com
11 years ago
This function is quite handy when it comes to expiring session cookies... since Session cookies don't automatically get destroyed (see the session_destroy page).

For instance, here's what I plan to use to expire session cookies:

    $CookieInfo = session_get_cookie_params();
    if ( (empty($CookieInfo['domain'])) && (empty($CookieInfo['secure'])) ) {
        setcookie(session_name(), '', time()-3600, $CookieInfo['path']);
    } elseif (empty($CookieInfo['secure'])) {
        setcookie(session_name(), '', time()-3600, $CookieInfo['path'], $CookieInfo['domain']);
    } else {
        setcookie(session_name(), '', time()-3600, $CookieInfo['path'], $CookieInfo['domain'], $CookieInfo['secure']);
    }
    session_destroy();

It doesn't check to see if the path part of the session cookie is set because the defaults in php.ini have this set already, unlike domain and secure.
To Top