Announcement

Collapse
No announcement yet.

cannot log out

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • cannot log out

    I have been trying for two days to logout from this site. I cannot. On my site, I changed the cookie to .mydomain.com and no matter what I could not logout either. Everything went back to normal after I removed the cookie sitewide.

    Up to two days ago I was able to logout from this site here. Has anyone else experience that too?

  • #2
    You got some corrupted cookies on your computer. Go the cookies folder and clear them all out, that usually works.
    Chen Avinadav
    Better to remain silent and be thought a fool than to speak out and remove all doubt.

    גם אני מאוכזב מסיקור תחרות לתור מוטור של NRG הרשת ע"י מעריב

    Comment


    • #3
      on comment though regarding the cookie domain:

      cookies can only be removed in the EXACT same conditions they were created.

      So, if your BB didn't have a domain set initially, the cookie on your computer was assigned to www.mydomain.com. If you then set the domain to .mydomain.com, you will NOT be able to remove the www.mydomain.com cookie and vice versa.

      Upon such a change, there is no escape than removing your cookie manually, if you don't want to hack your files.

      Comment


      • #4
        bira

        What is the difference between leaving it blank and putting .domain.com?

        Comment


        • #5
          when you leave it blank, the domain for the cookie is automatically set as the current domain the user is on.

          For example, let's say your domain is mydomain.com and you have two subdomains:

          www.mydomain.com
          forums.mydomain.com

          Now, say a user visits your forum at forums.mydomain.com and logs in.

          If you don't have anything defined in your cookie domain, the user will get a cookie from forums.mydomain.com, and his cookie will looksomething like:

          cookie:[email protected]

          That cookie WILL NOT work on www.mydomain.com.

          Now, if you then set your cookie to .mydomain.com, when the above user visits again, his cookie continue to work on forums.mydomain.com but won't work on any other domain.

          And, if a user will try to log out, the forums.mydomain.com WILL NOT be erased, because from the cookie's standpoint, this is NOT the same domain. What it will be looking to delete is:

          cookie:[email protected]

          And that's a different cookie file - as you can see (different name).

          The reason for this is because a website may want to set different cookies for different subdomains. If, for example, you have 2 forums on your server, one in subwebsite1.mydomain.com and one in subwebsite2.mydomain.com - each will want to have its own BB cookie.


          Defining your cookie domain as .mydomain.com means your cookie will work and be valid for ALL subdomains of mydomain.com. However, it can be erased ONLY where the cookie domain is defined as .mydomain.com as well.

          As a general note, I might add that setting a cookie looks like this:

          setcookie(variablename,variablevalue,expiretime,directory,domain,secure)

          variablename = the name of the cookie. For example, in vB, it can be 'bbuserid'

          variablevalue = the value of the variable. In the above example, that would be your userid

          expiretime = when will the cookie expire. Setting it at '0' means the cookie will not be stored on your computer and will be destroyed as soon as you close the browser or timeout (session ends).

          directory = whether this cookie works on a specific directory (eg, if you want it only for /forums/) or will it work website-wide (in which case, and by default, it is /)

          domain = as I explained above. I will also add that you can only define the domain on which the user is on. You can't put .yahoo.com if you're not on yahoo.

          secure = whether the cookie should be trasmitted over SSL (https). By default that is set to 0.

          Now, if you want to delete a cookie, all you need to do is "empty" the variable:

          setcookie(variablename,"","",samedir,samedomain,samesecure)

          notice that the dir, domain, secure and variable name MUST be IDENTICAL.

          If you know PHP, it would be the same as this:

          $bbuserid = "1199"; // this gives a VALUE to the variable $bbuserid

          $bbuserid = ""; // this empties the variable $bbuserid.

          Therefore, at the bottom line:

          1) define your cookie domain if you have more than one subdomain who will served by this cookie (and btw, that includes a case where you have both http://www.mydomain.com AND http://mydomain.com -- these are TWO different subdomains);

          2) if you define your domain after the cookie has been set, you will need to delete it from your computer manually. If you don't, it will not get deleted and you will not be able to log out.

          3) Cookies are set and removed at identical conditions. A change of condition will mean a cookie cannot be removed.


          Hope this helps.
          Last edited by bira; Sat 22 Dec '01, 3:46pm.

          Comment


          • #6
            Bira

            thank you very much

            Comment

            widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
            Working...
            X