Results 1 to 4 of 4

Thread: Logout - Kill Cookie

  1. #1
    Join Date
    Feb 2005
    Posts
    8
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Default Logout - Kill Cookie

    Hello,

    I'm using: Remember Form Values for form textbox.

    What script should I use to kill the cookie while I am logging out?

    Thanks,
    Jimijoe
    Last edited by jimijoe; 11-29-2005 at 01:48 AM.

  2. #2
    Join Date
    Mar 2005
    Location
    SE PA USA
    Posts
    30,495
    Thanks
    82
    Thanked 3,449 Times in 3,410 Posts
    Blog Entries
    12

    Default

    You really shouldn't do that. The script is only intended for use with unsecure data. Anything that you wouldn't want automatically filled in upon the user's return should not be included. There is no telling how a user will logout or what browser they will be using. Therefore, there is no reliable way to ensure that a cookie will get deleted if say, a user browsing with Opera (Opera will not respond to the onunload event, which is what would have to be used to cover this contingency) logs out simply by closing the current window while other windows of the browser session are still open. That would be an innocent way of avoiding cookie deletion, there are other more contrived ways and probably a few other scenarios I can't think of at the moment that would also be innocent.
    - John
    ________________________

    Show Additional Thanks: International Rescue Committee - Donate or: The Ocean Conservancy - Donate or: PayPal - Donate

  3. #3
    Join Date
    Feb 2005
    Posts
    8
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Default

    So, what script is used for the forum when we logout it kills the cookies(All cookies cleared!)?

  4. #4
    Join Date
    Mar 2005
    Location
    SE PA USA
    Posts
    30,495
    Thanks
    82
    Thanked 3,449 Times in 3,410 Posts
    Blog Entries
    12

    Default

    That is part of the PHP code for the forums and, it isn't reliable. As a result, I have many times booted up my machine, surfed over to the forums, only to find that I am still logged in from the last time!

    This call should empty the cookie:

    Code:
    document.cookie = "mvalue"+window.location.pathname+"="
    But, where to use it? onunload is already used by the script to save the current values. If you use it as an onclick event at logout, ex:

    HTML Code:
    <input type="button" value="Log Out" onclick="document.cookie = 'mvalue'+window.location.pathname+'=';">
    There is no guarantee users will log out that way. That is why I say, don't use this script on anything other than data that it is OK if it falls into the hands of unauthorized folks, because, no matter what you do, it will.
    - John
    ________________________

    Show Additional Thanks: International Rescue Committee - Donate or: The Ocean Conservancy - Donate or: PayPal - Donate

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •