Cookies (Again)

[_Yoyo]

Hi!

I searched the forum for this but coudn't find anything. I want to know why this code isn't working:

Code:

<?php
setcookie('log', ' ', time()-60);	
include("functions.php");
echo "Wait...";
redirect('login.php'); 
?>

That's the only thing in the file. That file is called 'logout.php' and from a javascript function I'm doing a:

Code:

window.location.replace('logout.php');

It is suppose to clear the cookie but I'm getting the following error:

Warning: Cannot modify header information - headers already sent by

Any ideas?

[RudiVisser]

redirect() function will more than likely send a header:

PHP Code:

header("Location: $file"); // = header("Location: login.php"); 


If you remove

PHP Code:

echo "Wait..."; 


it should work.

[_Yoyo]

I don't get it. Replace my current redirect function with this one? 'Cause if I remove the echo still doesn't work...

This is my redirect function:

Code:

    function redirect($url) { 
    die('<meta http-equiv="refresh" content="0;URL='.$url.'">'); 
    }

[dclamp]

you need to make sure there isnt anything being echoed or a header before the setcookie()

[visualAd]

I don't get it. Replace my current redirect function with this one? 'Cause if I remove the echo still doesn't work...

This is my redirect function:

Code:

    function redirect($url) { 
    die('<meta http-equiv="refresh" content="0;URL='.$url.'">'); 
    }

Whitespace such as tabs spaces and newlines at the top of the script and any included files also count as output.

It is better to use a location header to redirect the request and send a Location header or the refresh header if you want a time out. This will prevent HTML level blocking of the action and ensure everything from browser to search engine indexers follow them.

[penagate]

Also, I recommend that you use a POST request to effect the logout. GET requests can be made at any time and should have no adverse side-effects.

[_Yoyo]

Whitespace such as tabs spaces and newlines at the top of the script and any included files also count as output.

It is better to use a location header to redirect the request and send a Location header or the refresh header if you want a time out. This will prevent HTML level blocking of the action and ensure everything from browser to search engine indexers follow them.

As you can see, the script uses the setcookie right after the php tag so there's no spaces or tab or echoes whatsoever. Anyways, I replaced the redirect function, forced a POST and still nothing.

[RudiVisser]

What is after this??

"Warning: Cannot modify header information - headers already sent by"... ?

[penagate]

Attach the file to a post. Sometimes PHP can be finicky with character sets and the like and it is very hard to debug without seeing the whole script file.

[_Yoyo]

What is after this??

"Warning: Cannot modify header information - headers already sent by"... ?

Cannot modify header information - headers already sent by (output started at /usr/local/www/data/segti/logout.php:1) in /usr/local/www/data/segti/logout.php on line 2

[_Yoyo]

Attach the file to a post. Sometimes PHP can be finicky with character sets and the like and it is very hard to debug without seeing the whole script file.

You mean this one, right?

[penagate]

Try this. Let me know if it works or doesn't work.

[visualAd]

You mean this one, right?

The file has preceding unicode characters. If you are editing the file in notepad make sure you have saved the file in ASCII rather than Unicode.

Hex view:

Code:

0000000: efbb bf3c 3f70 6870 0d0a 7365 7463 6f6f  ...<?php..setcoo
0000010: 6b69 6528 276c 6f67 272c 2027 2027 2c20  kie('log', ' ',

Edit: BTW, the preceding characters are known as a Unicode BOM (Byte order mark) it tells text editors the encoding used in the file.

[penagate]

yeah, I converted it to ANSI. I was trying to be subtle.

PHP doesn't interpret the BOM; rather, it treats it as output, hence why it breaks headers.
I believe version 6 fixes this.

[visualAd]

yeah, I converted it to ANSI. I was trying to be subtle.

PHP doesn't interpret the BOM; rather, it treats it as output, hence why it breaks headers.
I believe version 6 fixes this.

I was tripped up by that once as well.

[_Yoyo]

The error is gone!!!! But the cookie is still there

BTW, is this a good way to "erase" a cookie?