I tried to destroy all session variable by using the session_destroy() method, but after using this method, the values are not destroyed.
Why is session_destroy() not working?
Is there any other way to destroy the session in PHP?
if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 1800))
{
session_destroy();
session_unset();
}
Perhaps is way too late to respond but, make sure your session is initialized before destroying it.
session_start() ;
session_destroy() ;
i.e. you cannot destroy a session in logout.php if you initialized your session in index.php. You must start the session in logout.php before destroying it.
If you need to clear the values of $_SESSION, set the array equal to an empty array:
$_SESSION = array();
Of course, you can't access the values of $_SESSION on another page once you call session_destroy, so it doesn't matter that much.
Try the following:
session_destroy();
$_SESSION = array(); // Clears the $_SESSION variable
I had to also remove session cookies like this:
session_start();
$_SESSION = [];
// If it's desired to kill the session, also
// delete the session cookie.
// Note: This will destroy the session, and
// not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
// Finally, destroy the session.
session_destroy();
Source: geeksforgeeks.org
It works , but sometimes it doesn't (check the below example)
<?php
session_start();
$_SESSION['name']="shankar";
if(isset($_SESSION['name']))
{
echo $_SESSION['name']; // Outputs shankar
}
session_destroy();
echo $_SESSION['name']; // Still outputs shankar
Weird!! Right ?
In the above scenario , if you replace session_destroy(); with unset($_SESSION['name']); it works as expected.
But i want to destroy all variables not just a single one !
Yeah there is a fix for this too. Just unset the $_SESSION array. [Credits Ivo Pereira]
unset($_SESSION);
if you destroy the session on 127.0.0.1 it will not affect on localhost and vice versa
session_destroy() is effective after the page load is complete. So in the second upload, the session is terminated. But with unset() you can also log out from within the page.
Add session_start(); before !Doctype Declaration
<?php session_start(); ?>
<!doctype html>
<html>
<body>
<?php
if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 1800))
{
session_destroy();
session_unset();
}
?>
</body>
</html>
Actually, it works, but you also need to do $_SESSION = array(); after the session_destroy to get rid of $_SESSION variables. However, avoid doing unset($_SESSION) because that makes sessions useless.
Well, this seems a new problem for me, using a new php server. In the past never had an issue with sessions not ending.
In a test of sessions, I setup a session, ran a session count++ and closed the session. Reloaded the page and to my surprise the variable remained.
I tried the following suggestion posted by mc10
session_destroy();
$_SESSION = array(); // Clears the $_SESSION variable
However, that did not work. I did not think it could work as the session was not active after destroying it, so I reversed it.
$_SESSION = array();
session_destroy();
That worked, reloading the page starting sessios and reviewing the set variables all showed them empty/not-set.
Really not sure why session_destroy() does not work on this PHP Version 5.3.14 server.
Don't really care as long as I know how to clear the sessions.
Source: Stackoverflow.com