Cookie Helper default expire time

[eluser]bbiao[/eluser]
in cookie_helper.php

Code:

if ( ! is_numeric($expire))
{
    $expire = time() - 86500;
}
else
{
    if ($expire > 0)
    {
        $expire = time() + $expire;
    }
    else
    {
        $expire = 0;
    }
}

if parameter $expire is not passed by the function set_cookie, it has a default value '', and the $expire will set to time() - 86500, which has no effect to set the cookie, you should change it to

Code:

if ( ! is_numeric($expire))
{
    $expire = time() + 86500;
}
else
{
    if ($expire > 0)
    {
        $expire = time() + $expire;
    }
    else
    {
        $expire = 0;
    }
}

[eluser]Pascal Kriete[/eluser]
It's correct the way it is. From the docs:

The expiration is set in seconds, which will be added to the current time. Do not include the time, but rather only the number of seconds from now that you wish the cookie to be valid. If the expiration is set to zero the cookie will only last as long as the browser is open.

To delete a cookie set it with the expiration blank.

The negative time will mean the cookie expires immediately, thus deleting it.

[eluser]bbiao[/eluser]
[quote author="inparo" date="1210003843"]It's correct the way it is. From the docs:

The expiration is set in seconds, which will be added to the current time. Do not include the time, but rather only the number of seconds from now that you wish the cookie to be valid. If the expiration is set to zero the cookie will only last as long as the browser is open.

To delete a cookie set it with the expiration blank.

The negative time will mean the cookie expires immediately, thus deleting it.[/quote]
YES, what you said is the parameter passed to the set_cookie() function, and what I talked is the default $expire value used in the set_cookie() function and pass it to the native setcookie() function. If you don't invoke the $expire parameter, the CI will automatically use $expire - 86500 as the expire time, and pass it to the native setcookie() function, which means that the cookie will expire in the past time. Do you think this is right?

in PHP docs,

The time the cookie expires. This is a Unix timestamp so is in number of seconds since the epoch. In other words, you'll most likely set this with the time() function plus the number of seconds before you want it to expire.

[eluser]Pascal Kriete[/eluser]
I think you're missing what the default is for. It's only used to delete the cookie.

By telling the browser that the cookie has expired, it will be trashed on the next request.

[eluser]bbiao[/eluser]
[quote author="inparo" date="1210043567"]I think you're missing what the default is for. It's only used to delete the cookie.

By telling the browser that the cookie has expired, it will be trashed on the next request.[/quote]

i don't think so.
the ci docs said that:
Only the name and value are required.
so if i just pass the name and value, the cookie will be deleted, isn't it?

for example:
set_cookie('name', $value);

what happened after i call this?? the cookie will be deleted!! this is not what i want

[eluser]bbiao[/eluser]
To delete a cookie set it with the expiration blank.

I think it's my fault~~nice discussion with inparo

[eluser]sophistry[/eluser]
waking up this old bug report.

i just got bitten by this lapse in the CI manual.

it says "Only the name and value are required." so i put in only the name and value, expecting the expire to be set the "default" 86500.

but no, if you don't set expire also, the cookie is deleted before it is created.

the docs need a wee bit more clarity on this as two people have fallen into the pothole.

how about:

"Only name, value, and expire are required."

[eluser]Pascal Kriete[/eluser]
I always thought it was pretty clear, but since you stumbled on it, Sophistry...
Would it help you if I moved the "To delete a cookie set it with the expiration blank." up behind the required statement?

Only the name and value are required. To delete a cookie set it with the expiration blank.

I don't like saying that expire is required, since that's technically not true.

[eluser]sophistry[/eluser]
hi pascal,

thanks for burnishing my credentials! ;-) i'm flattered my opinion weighs so much. :red:

here's my reasoning as to why the doc should be updated:

the function is named set_cookie(). that is what it should do. now, the manual says “Only the name and value are required.” if you pass it just those two parameters - name and value - it <strong>deletes</strong> the cookie (it does not set, it deletes). expire <strong>is</strong> required if you want the function to set a cookie. if you don't set the expire parameter, then the cookie isn't set - simple as that. if you follow the doc instructions to the letter, you end up here at the forums, searching on set_cookie() and muttering fresh words to the computer screen.

besides, there is already a function called delete_cookie(). so, there is no need for the set_cookie() function to do delete_cookie()'s job. further, why would you send a value parameter to set_cookie() if all you want to do is delete it? meaning, delete_cookie() only makes you send the name of the cookie - which is perfectly clear. but, set_cookie() makes you send three parameters just to delete the cookie. this is evidence of a vestigal behavior of this function and it should be expunged or (at the very least) clarified in the docs.

in this case, the documentation is just plain wrong and should be fixed before someone else wastes time on it.

to take this one step more... the "delete cookie" functionality of set_cookie() should be deprecated since it is available in a simple, clear, well-named function delete_cookie().