I am reading up on clearing cookies. Say a cookie is set with setcookie("abc", "xyz", time()+3600), then from what I've read you unset it by using setcookie("abc", "xyz", time()-3600) which sets the cookie to expire in the past. All the examples I've seen use this format.
My question is why does the last parameter have to be specifically time()-3600, why can't it be time()-1 or time()-9999999 for example?
It doesn't have to be time() - 3600. That's merely used in examples because it makes a nice tidy "one hour ago". It just has to be some time in the past, so time()-1 or time()-9999999 are acceptable as well, as is any value < time().
My question is why does the last parameter have to be specifically time()-3600, why can't it be time()-1 or time()-9999999 for example?
It doesn't. 3600 works, but anything in the past will work too.
When the browser reads a past time it is deleted
time() Returns the current time measured in the number of seconds since the Unix Epoch (January 1 1970 00:00:00 GMT).
so when you do this time() + or - somedigit that means you are addiing or subtracting value to seconds,
In setcookie("abc", "xyz", time()-3600) the trick is that this references the time on the server while the cookie expiration is dependent on the time of the host running the browser. If there is a mismatch of time between the two hosts, it is possible that it a cookie may not expire. However, using a time of ’1′ indicates an expiration time of 1 second after midnight, January 1st, 1970 which is the earliest possible expiration time.