delete session after session destroy

Since I am saving the session data to another directory, so it won't be overwritten by other session changes happening on a SHARED Linux hosting server, now that I have gotten the sessions to save in another directory, all is fine, until I destroy the session.  Then I get an error, session exists, but is destroyed.

I now need a way to remove the session from the cache in the directory -- sessions.

Thanks
LVL 23
sciwriterAsked:
Who is Participating?
 
matt_mcswainCommented:
>>session files are NOT deleted after calling session_destroy.
Sorry, but they are.
0
 
matt_mcswainCommented:
It will work the same, b/c php knows where it is.

session_start();
$_SESSION = array();
session_destroy();

What's the error message?
0
 
sciwriterAuthor Commented:
"Warning: Invalid argument supplied for foreach() in /home/site/public_html/cart.php on line 81"
Which is merely --  foreach($_SESSION['divs'] as $key => $val)
which simply goes through the Keys and prints out the values in the session.

Now I qualified that foreach() loop with --
if (array_key_exists('divs', $_SESSION) and is_array($_SESSION['divs']))

And it is not working, because the session still does exist -- the session destroy() did not remove the Session ID from the directory, all it does is delete the data from the session, not remove the ID -- they are just accumulating and never actually getting deleted in the sessions directory.....

I think it's just a simple matter of -- delete session_ID(session_ID)  or something like that, but I don't know
0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
sciwriterAuthor Commented:
The destroy code is --

 if ($edit =='Delete All')
 {  $_SESSION = array();
  session_destroy();
  }
perhaps it is missing something?
0
 
peyoxCommented:
I found this on php.net (by thomas at uninet dot se), hope this helps:

--- quote ---
I did encounter a minor problem when I tried to remove the physical file that stores the session. The problem was that my working directory wasn't on the same drive as my PHP installation (yes, I used Windows).

So I used the PHP_BINDIR to start at the same place as PHP does and then change directory to the place that was specified in PHP.INI. This makes it transparent to relative paths in session.save_path.

<?php
function DeleteSessionID($sessionid) {
  $orgpath = getcwd();
  chdir(PHP_BINDIR);
  chdir(session_save_path());
  $path = realpath(getcwd()).'/';
  if(file_exists($path.'sess_'.$sessionid)) {
   // Delete it here
   unlink($path.'sess_'.$sessionid);
  } else {
   // File not found
  }
  chdir($orgpath);
}

?>

The final chdir($orgpath) is just to restore the working directory as it were before .
--- end quote ---
0
 
matt_mcswainCommented:
So if you run this code:

<?php
ini_set('session.save_path','sessions');
session_start();
echo session_id();
$_SESSION = array();
session_destroy();
?>

The file "sessions/sess_session_id" is still present?
0
 
peyoxCommented:
Guys, session files are NOT deleted after calling session_destroy. It is to be cleaned up internally, from time to time by PHP core.

There are two settings (in php.ini) wich are directly related to this:
1) session.gc_probability
2) session.gc_divisor

These two determine the probability of clean up session files after page request.

By default they are set to:
session.gc_probability = 1
session.gc_divisor = 1000

which means that PHP will trigger session clean up once every 1000 page requests (1/1000).

If you can set them like this:
session.gc_probability = 1000
session.gc_divisor = 1000

then PHP will trigger garbage collector after every scripit execution - which is equal to ALWAYS.

I understand that you are using shared host, but you still have an option to manipulate settings in php.ini by using ini_set(), for example:

ini_set('session.gc_probability','1000');
ini_set('session.gc_divisor ,'1000');

just remember to include these two lines at the begining of each file using sessions, even before session_start()

For testing purposes you may also want to decrease session life time, to see if it works, by calling:
ini_set('session.gc_maxlifetime', '10'); // sets session life time to 10 seconds



0
 
sciwriterAuthor Commented:
OK I think you two guys are heading in the right direction.  Both session IDs still exist in the directory --

public_html / sessions  -- the one I made yesterday of 27 hr duration (now expired)
and the one I made today of only 2 hour duration.

As I said, session_destroy() kills the data in the session, but does not seem to delete the long file itself (i.e. the session name, about 25 numbers long).

This could be because I did NOT set some path up front to tell it where to delete them?

Peyox -- I have NO access to PHP.INI on this site, it is shared hosting !!!!
0
 
sciwriterAuthor Commented:
AHA!!!  The unlink command -- that is it !!!  
I remember reading about the unlink() command.
That is what I need, and I have not instituted it.
Some ideas about unlink, perhaps???
0
 
sciwriterAuthor Commented:
I am just guessing here, but how about something like this --

 $path = "sessions";
  if(file_exists($path.'sess_'.$sessionid))
    {
   unlink($path.'sess_'.$sessionid);
     }

Ideas??
0
 
matt_mcswainCommented:
You can use this:

<?php
ini_set('session.save_path','sessions');
session_start();
unlink('sessions/sess_'.session_id());
$_SESSION = array();
session_destroy();
?>
0
 
peyoxCommented:
Matt you are right. Everything I described above was about expired session (closed browser, life time expired, etc) but not session_destroy, my stupid mistake.

sciwriter, you don't need to have access to php.ini to use ini_set (and be able to change settings from php.ini within script scope).
0
 
sciwriterAuthor Commented:
Warning: session_destroy(): Session object destruction failed in /home/../public_html/cart.php on line 45
Warning: Invalid argument supplied for foreach() in /home/../public_html/cart.php on line 83

Matt, Peyox -- with the unlink of Matt's, above, I get the first warning, the second is the same as before.
Upping points, this is going to be another one of those hum-dingers.....
0
 
peyoxCommented:
try to switch these two lines (unlink at the end)

<?php
ini_set('session.save_path','sessions');
session_start();
$_SESSION = array();
session_destroy();
unlink('sessions/sess_'.session_id());
?>
0
 
matt_mcswainCommented:
That might be because the file was deleted.
0
 
matt_mcswainCommented:
Yep, try that.
sciwriter, were you able to use shell_exec() on your host? Because then you get a shot of exactly what's going on doing every page refresh, while your testing? Using:

echo shell_exec('ls -la sessions');

That error makes it sound as if session_destroy() was going to remove the file but failed b/c it was already gone.
0
 
matt_mcswainCommented:
Actually:

echo nl2br(shell_exec('ls -la sessions'));

that's how I normally do it.
0
 
sciwriterAuthor Commented:
OK, different message now -- I flipped the lines and I now get this --
Warning: unlink(sessions/sess_): No such file or directory in /home/../public_html/cart.php on line 45

BTW, all is working fine until I destroy the session.  The rest is OK as long as I have something in it.
I can see the session in the FTP manager, the actual name is like this --
sess_1ee28d134a259d52f....etc....
The directory IS called "sessions" no upper case.
I think we are on the right track, maybe not just the right terminology, also maybe "unlink" is not the right command, after all?
Let me try removing in the sessions/  prefix, may not be needed,  will get back....
0
 
sciwriterAuthor Commented:
Nope, same message without the "sessions/" prefix --

Warning: unlink(sess_): No such file or directory in /home/.../public_html/cart.php on line 4
Warning: Invalid argument supplied for foreach() in /home/.../public_html/cart.php on line 83

Better if I let you guys debug this than me try at random  :)
0
 
peyoxCommented:
>>Warning: unlink(sessions/sess_): No such file or directory in /home/../public_html/cart.php on line 45

You get this error because you are probably trying to delete the file in wrong directory, or (?) file is already deleted.

where is your /session directory located? If this is the same level as /public_html, then you will need to do:

unlink('./../sessions/sess_'.session_id());
0
 
sciwriterAuthor Commented:
The file is still there, Matt, I can see it in my FTP manager, nothing goes so far without manual deletion :(
0
 
sciwriterAuthor Commented:
public_html/sessions/sess_1ee28d134a259d52f....etc....
0
 
matt_mcswainCommented:
I would delete everything in the sessions directory in case their old sessions.

Then in your public_html directory

<?php
ini_set('session.save_path','sessions');
session_start();
$_SESSION = array();
session_destroy();
if (file_exists('sessions/sess_'.session_id())
    unlink('sessions/sess_'.session_id());
?>
0
 
peyoxCommented:
It looks, that you are loosing session id before callin unlink, try this:

?php
ini_set('session.save_path','sessions');
session_start();
$sid = session_id();
$_SESSION = array();
session_destroy();
unlink('sessions/sess_'.$sid);
?>
0
 
matt_mcswainCommented:
Good catch!
0
 
sciwriterAuthor Commented:
OK guys, stop for a sec, reconsider this -- I realized looking at the code above, I was not "NAMING" the session.  I changed it to this (adding the session name):

if ($edit =='Delete All')
 {  
    $_SESSION['divs'] = array();
    session_destroy();
    unlink('sessions/sess_'.session_id());
   }

Now you see, the name "divs" is in there, and now I am down to only ONE message, and the session DID indeed get destroyed and the file deleted.  So maybe you were right to begin with, if I NAME the session as I made it, "divs", then the destroy will actually delete the file.

let me try that....  last remaining message....

Warning: unlink(sessions/sess_): No such file or directory in /home/.../public_html/cart.php on line 45
0
 
peyoxCommented:
One question, after each script execution you have one more file in /session directory, right? Even if session_destroy was called
If not then session_destroy() works as expected, but you have couple old session files not cleaned up by garbage collector.
How many files do you have in this folder?
0
 
sciwriterAuthor Commented:
No I got rid of the old ones manually, am keeping up with you 2 guys as fast as I can, you are a couple of fireball participants, when the two of you go at it together, it is an invogorating experience, believe me....
0
 
matt_mcswainCommented:
You should be able to remove the unlink().
And:

$_SESSION = array();

should take care of this:

$_SESSION['divs'] = array();

The first should clear the entire session array, while the latter just the 'divs' variable.
But I'm not gonna argue if it's working. ;)
0
 
sciwriterAuthor Commented:
YEP!!  THAT DID IT!!  The bottom line, guys, is you were both right -- if the session is NAMED correctly with the ['name I used to open it'] -- and you just destroy with that SAME name, it does exactly what you said it would, at the beginning.  It kills the session with ONLY the session_destroy(), and it does indeed disappear (my ftp manager sees it real time).  So the Key was, as you both said at the outset, JUST using SESSION_DESTROY does it completely, but you MUST give it the right name.

I don't know how I can fairly split points other than equally, but I have to tell you, when the two of you get on a question together, it is absolutely fantastic !!  I am upping points and closing this one.

Maybe tomorrow, look at my other Q on Paypal -- it is really just a bunch of near PHP stuff -- mathematics, extracting URLs and adding amounts.  Give it a shot -- I welcome your great contributions!!!

http://www.experts-exchange.com/Web/Web_Languages/PHP/PHP_Databases/Q_21389482.html

Thanks a million once again....
0
 
matt_mcswainCommented:
No problem. And thanks again for uppin' the points! ;^)
0
 
peyoxCommented:
I think Matt contributed much more than I did in this question. He also corrected my stupid mistake at the beginning of this discussion. So he should get bigger part of the points if you are considering points split.

Thanks both of you for a good time :)
0
 
peyoxCommented:
Good split, thanks for the points!
0
 
matt_mcswainCommented:
No worries peyox.
We all do it.
0
 
sciwriterAuthor Commented:
Well, I did end up giving Matt more points, he was the "rightest" so to speak...   :)
But face it peyox, you get him going, so you are great too :)

Jump into my other Q, I have lots more to go, and each time, we seem to learn a little more, no?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.