I can't delete cookies PHP although path and time was set correctly

Question

I have created a logout.php page to let the user sign out from the website and redirects them to the sign in page.

however what ever i do, the cookies are not getting deleted, so when the user gets redirected to the singin page the latter examines the cookies and then find it, therefore logs the user in.

Below is the code of logout.php:

<?php
unset($login);
if (isset($_COOKIE['xxx'])){
    setcookie('xxx', false, time() - 3600,"/");
}
if (isset($_COOKIE['yyy'])){
    setcookie('yyy', false, time() - 3600,"/");
}
    header("Location: singin.php");
    die();

?>

Please note that this php page is in subfolder protected by password and the html link redirects to a php file that require() the logout.php file.

Answer 1

use php unset() to delete your cookie as, you can get the complete details here delete the cookie

if (isset($_COOKIE['xxx'])){
    unset($_COOKIE['xxx']);
}
if (isset($_COOKIE['yyy'])){
    unset($_COOKIE['yyy']);
}

or, set value as null and a negative time for your cookie as

setcookie('xxx', null, -1, '/');
setcookie('yyy', null, -1, '/');

or, set value as empty and a past time for your cookie as

setcookie("xxx", "", time()-3600);
setcookie("yyy", "", time()-3600);

Answer 2

I have found finally the reason behind the issue. it's because I have put session_cache_limiter('public'); in my code, so which I presume prevents the client to set the cookie to an expiry date.

I have done that because I don't want the client to ask the user each time they hit back to resubmit the form.

It seems that it's not the correct practice, I'll post another question for that.

Thanks all for the help.