Posted by David Groom on 11/10/37 11:19

you and I were thinking along the same lines, I was just re-coding it as you
wrote your post !

--
blank
"Stefan Rybacki" <stefan.rybacki@gmx.net> wrote in message
news:3hu412Fii0nhU1@individual.net...
> David Groom wrote:
>> "Stefan Rybacki" <stefan.rybacki@gmx.net> wrote in message
>> news:3htqo4Fis674U3@individual.net...
>>
>>>Stefan Rybacki wrote:
>>>
>>>>David Groom wrote:
>>>>
>>>>
>>>>>I'm currently trying to build an online store, and am using sessions to
>>>>>track a particular visit.
>>>>>
>>>>>Once the purchase has been completed I want to destroy the session, and
>>>>>remove the session cookie from the browser (this being particularly
>>>>>important to avoid the same session id being reused if the user decides
>>>>>to place a second order).
>>>>>
>>>>>After the purchase is completed I have some PHP code,in a script called
>>>>>completedtrx.php which contains
>>>>>
>>>>>setcookie("PHPSESSID", '', time()-42000, '/');
>>>>>session_unregister("id");
>>>>>session_destroy();
>>>>>
>>>>>and then goes on to echo a thankyou message. All works as a had hoped,
>>>>>when all the scripts are located on my server .
>>>>>
>>>>>BUT
>>>>>
>>>>>I want to enable online credit card processing, and so script execution
>>>>>leaves my server, runs on the credit card gateway, and then the gateway
>>>>>returns the browser to www.myserver.com/completedtrx.php .
>>>>>
>>>>>When this happens the cookie is not destroyed, unless I refresh the
>>>>>page www.myserver.com/completedtrx.php in the browser.
>>>>>
>>>>
>>>>>How do I delete the cookie in these circumstances?
>>>>
>>>>
>>>>Hi
>>>>
>>>>In most cases you're able to send custom data to the credit card company
>>>>which they are posting back to you. So you can send the session_id or an
>>>>id from which you are able to get the session_id. Ask your credit card
>>>>company.
>>>>
>>>>By the way, you should start a session at the beginning of your script
>>>>
>>>>start_session();
>>>
>>>I meant
>>>
>>>session_start();
>>>
>>>sorry.
>>>
>>>
>>>>session_unregister("id");
>>>>session_destroy();
>>>>
>>
>>
>>
>> Stefan
>> I do have the session_start() in my script, the code I included in my
>> original script was just and extract from that script.
>
>
> Ok sorry, didn't know that.
>
>>
>> But my problem is not that I can't perpetuate the session id after coming
>> back from the credit card company. My problem is that I want to delete
>> the cookie from the users' browser, and at present I am trying to do this
>> from within the script that is called from the credit card gateway's
>> confirmation.
>>
>
> You said the cookie isn't deleted until refreshing the page, so why do it
> by script?
>
> 1. You could delete the setcookie as you did and redirect to the page
> again with a parameter that prevents the script from doing the redirect
> again and again ...
>
> 2. May it is enough to call the initial script a completetrx.php and
> redirect to for example thankyou.php
>
>
> Stefan
>
>> David

[Back to original message]