To remove a cookie, set the expiry timestamp to a time in the past. This triggers the browser’s removal mechanism:

setcookie('user', '', time() - 3600, '/');

When deleting a cookie make sure the path and domain parameters of setcookie() matches the cookie you’re trying to delete or a new cookie, which expires immediately, will be created.

It is also a good idea to unset the $_COOKIE value in case the current page uses it:

unset($_COOKIE['user']);