?
Solved

clear session PHP

Posted on 2009-12-28
14
Medium Priority
?
577 Views
Last Modified: 2012-05-08
when i go to the page that not have session_start();
it will clear all session variable or not i will make one page that no have this word to clear all session variABLE
0
Comment
Question by:teera
  • 6
  • 3
  • 2
  • +1
12 Comments
 
LVL 6

Expert Comment

by:syedyounus
ID: 26130185
it will not clear the session, you can use session_destroy();
to clear the session
0
 
LVL 8

Expert Comment

by:kumaranmca
ID: 26130190
Greetings Teera,

Please refer the following code...
<?php

session_start();
//Destroy the session. --- clear all session variables....
session_destroy();

OR
//Specific session clear
unset ($_SESSION['varname']);.
?>


?>
0
 
LVL 6

Expert Comment

by:syedyounus
ID: 26130244
session_destroy() destroys all of the data associated with the current session. It does not unset any of the global variables associated with the session, or unset the session cookie.

session_unset() frees all session variables currently registered.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 6

Expert Comment

by:hexer4u
ID: 26132038
if you don't use session_start(); before checking variables, they will not be set.
session_destroy() is the oposite of session_start() - you will close the session and the variables will not be accessible, but they still exist.

session_unset(); removes all session variables, just make sure to have session_start(); before session_unset();
0
 
LVL 111

Accepted Solution

by:
Ray Paseur earned 1200 total points
ID: 26132441
Teera, the standard way of using the PHP session is to do session_start() on EVERY page.  The code snippet shows how to get rid of a session.  It takes more than just session_destroy() to be safe.
<?php // RAY_logout.php
error_reporting(E_ALL);


// TEACHES HOW TO ELIMINATE A PHP SESSION AND CHANGE STATUS FROM LOGGED IN TO LOGGED OUT


// DEFINITIONS - CHOOSE ANYTHING THAT MAKES SENSE TO YOUR APPLICATION REQUIREMENTS
define('COOKIE_LIFE', 60*60*24); // A 24-HOUR DAY IN SECONDS ( = 86,400 )
$cookie_expires	= time() - date('Z') - COOKIE_LIFE;


// ALWAYS START THE SESSION ON EVERY PAGE
session_start();

// CLEAR THE INFORMATION FROM THE $_SESSION ARRAY
$_SESSION = array();

// IF THE SESSION IS KEPT IN COOKIE, FORCE SESSION COOKIE TO EXPIRE
if (isset($_COOKIE[session_name()]))
{
   setcookie(session_name(), '', $cookie_expires, '/');
}

// TELL PHP TO ELIMINATE THE SESSION
session_destroy();






// OPTIONAL - CLEAR ALL COOKIES
/*
foreach ($_COOKIE as $key => $value)
{
   setcookie($key, '', $cookie_expires, '/');
}
*/

// OPTIONAL - TELL CLIENT ABOUT THE LOGOUT
/*
echo "YOU ARE LOGGED OUT";
*/

// OPTIONAL - REDIRECT TO THE HOME PAGE
/*
header("Location: /");
exit;
*/
?>

Open in new window

0
 
LVL 6

Expert Comment

by:hexer4u
ID: 26132513
I think this is a bit overkill, and you still didn't delete the session variables, only the cookies.
I very much doubt he has need of all these steps.
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 26132527
"...you still didn't delete the session variables,..."

Please see line 17 in the code snippet.  The session variables are in the $_SESSION array.

He has need of exactly 100% of these steps, in this order.  It is working production code that has been peer-reviewed.

best regards, ~Ray
0
 
LVL 6

Expert Comment

by:hexer4u
ID: 26132561
Line 17 is OK, but I think that's the only thing he needs (width session_start() of course), but do you really think he set cookies? Still, to be on the safe side, you're right.
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 26133561
"...think he set cookies?"

It is almost 100% sure that the session handler set a cookie.  The session handler MIGHT put the session ID into the URL, but that is pretty rare.  So we test to see if the session cookie is set (line 20) and remove it (line 22) if necessary.

Line 26 is documented here (notes worth reading):
http://us3.php.net/manual/en/function.session-destroy.php

The other parts below that are optional, just depends on the business logic.

HTH, ~Ray
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 26162054
@teera:  You accepted the wrong solution.  

The post you accepted says, "you can use session_destroy(); to clear the session" and that is factually inaccurate.  I posted the correct solution with a complete code sample.  

I'll ask the moderators to reopen the question so you can make an adjustment.  

Thanks and regards, ~Ray
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 26166205
Teera, from the way you distributed the points on this question it looks like you still may be missing the point, and I would hope that you take a moment to read the man page about this topic.  If not, you are setting yourself up for some pretty horrific security problems.  There is a right way to do these things, and a reason for doing them that way.  Better safe than sorry.
http://us3.php.net/manual/en/function.session-destroy.php
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 26277896
This is correct: ID: 26132441.  It implements the recommendations here:
http://us2.php.net/manual/en/function.session-destroy.php

Best to all, ~Ray
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses four methods for overlaying images in a container on a web page
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses
Course of the Month16 days, 6 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question