How to Delete a Cookie with PHP


Just like you can create a cookie with PHP, you can also delete it. In this tutorial, I will show you how to delete a cookie that you previously stored on the user's device, with the help of a simple PHP script.

In another tutorial, I talked about how to create a cookie with PHP by providing some examples. That tutorial demonstrated how to create, read and update cookies using PHP. One other action that you may need to take while working with cookies is to delete them, so that they will be removed from the user's browser and won't be accessible by your website (or anyone else) again.

How Cookies Work

Continuing with the points we made on the other post about how cookies work, let's mention some further important points while working with cookies.

First of all, you should keep in mind that a cookie will be automatically removed when it reaches its expiry time. For example, if your website places a cookie with an expiry time of 24 hours, it will disappear after 24 hours from the first visit of the user.

Another point is that cookies are available only to the domains they originate from. For example, website B cannot access or use a cookie website A creates on the user's browser, in any way. Hence, you should design your cookie system based on these points.

TIP: If your website is available from any European Union country (it is, unless you have a 100% accurate country IP blocking mechanism), you may also want to check our EU cookie notice tutorial to learn how to put an appropriate cookie notice on your site.

Delete a Cookie with PHP

Let's first remember how we set a cookie using the following code:

setcookie($cookie_name, $cookie_value, $expiry_time, $cookie_path);

Imagine that you want to store the style theme option of the visitor in a cookie, so that you can automatically display the same theme on their next visit. We use the following code to set the theme cookie:

setcookie("theme", "dark", time() + 30 * 24 * 60 * 60, "/");

The above code will set a cookie named as theme, whose value is dark, expiry time is set to 30 days and it is available for the entire domain.

Let's say you want to destroy that cookie based on a certain action the user takes such as a log out, visiting a certain page, submitting a form or something like that. In that case, what you need to delete the cookie is to specify an expiry time that is earlier than the current time. Currently, this is the only way to delete a cookie with PHP since there isn't a function to literally "delete" a cookie like the setcookie() function which creates and sets a cookie.

So, here is the code we can use to delete our cookie:

setcookie("theme", "", time() - 1, "/");

What we did is that we first set the value of the cookie to an empty string and then set the expiry time to a past time.

The time() function returns the current Unix timestamp; by subtracting 1 (or any value as you wish), you are instructing the browser to expire the cookie, since its expiry date is in the past (before current time).

f t g+ in