I'm exploring the source code of Kohana framework, and it has the following logic when deleting the cookie on browser:
public static function delete($name)
{
// Remove the cookie
unset($_COOKIE[$name]);
// Nullify the cookie and make it expire
return setcookie($name, NULL, -86400, Cookie::$path, Cookie::$domain, Cookie::$secure, Cookie::$httponly);
}
I understand that the function setcookie will set cookie's name to deleted (as displayed in browser cookies view) and expire it so that the browswer doesn't send it next time. So why is the first part with unset is there?
setcookie add cookie to HTTP response headers. Whereas $_COOKIE presents cookies from request headers. So setcookie doesn't affect on cookies of $_COOKIE array (on the current page load). Therefore we have to unset cookie in $_COOKIE too in order to ensure that this cookie won't present in $_COOKIE array if we'll want to get it in further (on the current page load).
both are same and deleting cookie. If we remove unset, Surely it will work and delete the cookie.