All geek questions in one place

How to delete a PHP session correctly?

I previously used these three lines to delete a session:

session_start(); session_regenerate_id(); session_destroy();

Does session_destroy() close the session, or do I need to manually close it?

 session_start(); session_regenerate_id(); $_SESSION = array(); session_write_close();
+4
source share
2 answers

If you are destroying a session, then session_write_close () is not necessary, as in the manual it does the following:

Session data is usually saved after the script completes without the need to call session_write_close (), but since session data is blocked to prevent simultaneous writing, only one script can run in a session at any time.

+1
source

session_destroy delete session data in the medium (file, database, etc.) where it is stored but does not delete the $_SESSION or cookies, you must do this manually, including the PHPSESSID cookie.

I usually delete sessions with something like this:

 foreach($_SESSION as $key => $val) unset($_SESSION[$key]); foreach($_COOKIE as $key => $val) setcookie($key, '', 1); session_destroy();


BTW, when you call session_regenerate_id() , the session file is copied to the new file, but the old one is not deleted, if you want to delete the old data session file (maybe you want), you must specify it with session_regenerate_id(TRUE) .

+6
source

Source: https://habr.com/ru/post/1344641/

More articles:


All Articles