From bfc4230f11542393aadc86e421fcbf7cecf05972 Mon Sep 17 00:00:00 2001
From: Andrew Welch <andrew@megalomaniac.com>
Date: Tue, 8 Mar 2016 13:52:01 -0500
Subject: [PATCH] Set expiration to the past when deleting a cookie

---
 CookiesPlugin.php                 |  8 ++--
 README.md                         |  5 +++
 releases.json                     |  9 +++++
 services/Cookies_UtilsService.php | 66 +++++++++++++++++--------------
 4 files changed, 54 insertions(+), 34 deletions(-)

diff --git a/CookiesPlugin.php b/CookiesPlugin.php
index ee4f5ca..d2e99f3 100755
--- a/CookiesPlugin.php
+++ b/CookiesPlugin.php
@@ -12,20 +12,20 @@ public function getDescription()
     {
         return 'A simple plugin for setting and getting cookies from within Craft CMS templates.';
     }
-    
+
     public function getDocumentationUrl()
     {
         return 'https://github.com/khalwat/cookies/blob/master/README.md';
     }
-    
+
     public function getReleaseFeedUrl()
     {
         return 'https://raw.githubusercontent.com/khalwat/cookies/master/releases.json';
     }
-    
+
     public function getVersion()
     {
-        return '1.0.2';
+        return '1.0.3';
     }
 
     public function getSchemaVersion()
diff --git a/README.md b/README.md
index 6af3556..3a8b5c5 100755
--- a/README.md
+++ b/README.md
@@ -158,6 +158,11 @@ All three of these methods accomplish the same thing:
 
 ## Changelog
 
+### 1.0.3 -- 2016.03.08
+
+* [Fixed] We now set the expiration date to the past if we're deleting a cookie, to force browsers to remove it
+* [Improved] Updated the README.md
+
 ### 1.0.2 -- 2015.11.23
 
 * Added support for Craft 2.5 new plugin features
diff --git a/releases.json b/releases.json
index 344c7f6..e791316 100644
--- a/releases.json
+++ b/releases.json
@@ -1,4 +1,13 @@
 [
+    {
+        "version": "1.0.3",
+        "downloadUrl": "https://github.com/khalwat/cookies/archive/master.zip",
+        "date": "2016-03-08T11:00:00-05:00",
+        "notes": [
+            "[Fixed] We now set the expiration date to the past if we're deleting a cookie, to force browsers to remove it",
+            "[Improved] Updated the README.md"
+        ]
+    },
     {
         "version": "1.0.2",
         "downloadUrl": "https://github.com/khalwat/cookies/archive/master.zip",
diff --git a/services/Cookies_UtilsService.php b/services/Cookies_UtilsService.php
index 46e4a87..b9ebb04 100644
--- a/services/Cookies_UtilsService.php
+++ b/services/Cookies_UtilsService.php
@@ -5,55 +5,61 @@ class Cookies_UtilsService extends BaseApplicationComponent
 {
 
 /* --------------------------------------------------------------------------------
-	Standard cookies
+    Standard cookies
 -------------------------------------------------------------------------------- */
 
     public function set($name = "", $value = "", $expire = 0, $path = "", $domain = "", $secure = false, $httponly = false)
     {
-		$expire = (int) $expire;
-		setcookie($name, $value, $expire, $path, $domain, $secure, $httponly);
-		$_COOKIE[$name] = $value;
+        $expire = (int) $expire;
+/* -- Make sure the cookie expiry is in the past if we're deleting the cookie */
+        if (value=="")
+            $expire = (int)(time() - 3600);
+        setcookie($name, $value, $expire, $path, $domain, $secure, $httponly);
+        $_COOKIE[$name] = $value;
      } /* -- set */
 
     public function get($name = "")
     {
-		if(isset($_COOKIE[$name]))
-			return $_COOKIE[$name];
+        if(isset($_COOKIE[$name]))
+            return $_COOKIE[$name];
     } /* -- get */
 
 /* --------------------------------------------------------------------------------
-	Security validated cookies
+    Security validated cookies
 -------------------------------------------------------------------------------- */
 
     public function setSecure($name = "", $value = "", $expire = 0, $path = "", $domain = "", $secure = false, $httponly = false)
     {
-    	if ($name == "")
-    	{
-    		craft()->request->deleteCookie($name);
-    	}
-    	else
-    	{
-			$expire = (int) $expire;
-			$cookie = new HttpCookie($name, '');
-		
-			$cookie->value = craft()->security->hashData(base64_encode(serialize($value)));
-			$cookie->expire = $expire;
-			$cookie->path = $path;
-			$cookie->domain = $domain;
-			$cookie->secure = $secure;
-			$cookie->httpOnly = $httponly;
-	
-			craft()->request->getCookies()->add($cookie->name, $cookie);
-		}
+        if ($name == "")
+        {
+            craft()->request->deleteCookie($name);
+        }
+        else
+        {
+            $expire = (int) $expire;
+/* -- Make sure the cookie expiry is in the past if we're deleting the cookie */
+            if (value=="")
+                $expire = (int)(time() - 3600);
+            $cookie = new HttpCookie($name, '');
+
+            $cookie->value = craft()->security->hashData(base64_encode(serialize($value)));
+            $cookie->expire = $expire;
+            $cookie->path = $path;
+            $cookie->domain = $domain;
+            $cookie->secure = $secure;
+            $cookie->httpOnly = $httponly;
+
+            craft()->request->getCookies()->add($cookie->name, $cookie);
+        }
     } /* -- setSecure */
 
     public function getSecure($name = "")
     {
-		$cookie = craft()->request->getCookie($name);
-		if ($cookie && !empty($cookie->value) && ($data = craft()->security->validateData($cookie->value)) !== false)
-		{
-			return @unserialize(base64_decode($data));
-		}
+        $cookie = craft()->request->getCookie($name);
+        if ($cookie && !empty($cookie->value) && ($data = craft()->security->validateData($cookie->value)) !== false)
+        {
+            return @unserialize(base64_decode($data));
+        }
     } /* -- getSecure */
 
 } /* -- Cookies_UtilsService */
\ No newline at end of file