bitter cookies

I have no clue why this is happening, but somehow my "delete cookie" is working in IE but not in Netscape.

What happens is:

I use authentication to verify a user's username and password. Upon validation, the user is taken to another page which sets the cookie with the username. I also put in a delete cookie:

SetCookie("memberID","", time()-3600*24);

on the authentication page, so that every time a user went back to the login page, the previous cookie would be deleted, and reset.

Everything works fine in IE.

But a sample test run in Netscape of:

username: lname06
password: temp
(returns valid, as should)

username: lname06
password: asdasfasa
(returns invalid, as should)

username: adafaa
password: temp
(returns valid as SHOULD'NT)

The previous cookie value is being reserved even though I've specified to reset the cookie on the log in page.

No clue why it works in IE but not in Netscape.

Any ideas or should I be modifying my code?

Thanks,
Sana

Someone please helpppppp!!!

ok im desppppeeerrrraaaatteeeeee, it wont work at all. someone has got to now how to do this, plz plzzzzzzzzzzz

It's really hard to help you because you only posted ONE line of your code.. Cookies can be kinda tricky some times so you really do need to post more of your code.

<BLOCKQUOTE><font size="1" face="Verdana,Arial,Helvetica">quote:</font><HR>Originally posted by sonya:
Someone please helpppppp!!![/quote]

I had a similar problem - I got around it by checking for new input from a <FORM> tag. Here's an extract from one of my PHP projects:

<?php
require("db_connect.php");

session_start();

$s_id = "PHPSESSID=" . session_id();

// By default, cookie information has precedence over form input. Obviously we don't want this since
// new input is ignored when someone else tries to log on, the old session is ressurrected, and the
// new user is logged into the old user's account. Whoops! This fixes the "feature".

if ($HTTP_POST_VARS["user"] && (!($HTTP_POST_VARS["user"] == $user))) {
$user = $HTTP_POST_VARS["user"];
$password = $HTTP_POST_VARS["password"];
$phash = "";
}


// If username information exists, check the username and password hash (we don't actually store
// the password at all, only the MD5 hash of it. It's a LOT more secure to send this in the clear.
// Also, MD5 hashes don't contain any illegal characters.

if ($password) { $phash = md5($password); }

if ($user && $phash) {
$query = "SELECT password FROM users WHERE name='" . $user . "'";
$result = mysql_query($query, $db);
$myline = mysql_fetch_row($result);
$db_hash = $myline[0];

if ($phash == $db_hash) {
$logged_in = 1;
session_register("user");
session_register("phash");
} else {
$logged_in = 0;
$auth_fail = "Incorrect username or password";
}
} else {
$logged_in = 0;
}

if ($logout) {
$user = "";
$password = "";
$phash="";
$logged_in = 0;
$s_id = "";
session_unregister("name");
session_unregister("phash");
$tmphead = dirname($PHP_SELF) . "/index.php";
header("Location: $tmphead");
exit;
}

?>