PHP Tutorial

PHP SESSION destroy session

不言

Apr 18, 2018 pm 01:52 PM

phpsessiondestroy

This article introduces the content of PHP SESSION destruction session, which has certain reference value. Now I share it with everyone. Friends in need can refer to it

session_destroy

(PHP 4, PHP 5, PHP 7)

session_destroy — Destroy all data in a session

Description

bool session_destroy ( void )

session_destroy() Destroy all data in the current session, but will not reset the global variables associated with the current session, nor will it reset the session cookie. If you need to use session variables again, you must call the session_start() function again.

Note: Normally, you do not need to call the session_destroy() function in your code, you can directly Clear the data in the $_SESSION array to implement session data cleaning.

In order to completely destroy the session, the session ID must be reset at the same time. If the session ID is transmitted through cookies, you also need to call the setcookie() function to delete the client's session cookie.

When the session.use_strict_mode configuration item is enabled, you do not need to delete the cookie corresponding to the expired session ID, because the session module no longer accepts cookies carrying expired session IDs, and then it will generate a new one Session ID cookie. It is recommended that all sites enable the session.use_strict_mode configuration item.

Warning

Premature deletion of data in the session may lead to unpredictable results. For example, when there are concurrent requests linked from JavaScript or URL, a certain request deletes the data in the session, which will cause other concurrent requests to be unable to use the session data.

Although the current session processing module will not accept an empty session ID, due to the way the client (browser) handles it, immediately deleting the data in the session may result in an empty session cookie being generated, and thus Causes the client to generate many unnecessary session ID cookies.

In order to avoid this situation, you need to set a timestamp in $_SESSION. Access to the session after this timestamp will be denied. Or, make sure there are no concurrent requests in your application. This rule also applies to session_regenerate_id(). session_regenerate_id() also.

Return value

Returns on successTRUE, or FALSE on failure.

Example

Example #1 Destroy session data and
<?php
// 初始化会话。
// 如果要使用会话，别忘了现在就调用：
session_start();

// 重置会话中的所有变量
$_SESSION = array();

// 如果要清理的更彻底，那么同时删除会话 cookie
// 注意：这样不但销毁了会话中的数据，还同时销毁了会话本身
if (ini_get("session.use_cookies")) {
 $params = session_get_cookie_params();
 setcookie(session_name(), &#39;&#39;, time() - 42000,
 $params["path"], $params["domain"],
 $params["secure"], $params["httponly"]
 );
}

// 最后，销毁会话
session_destroy();
?>
 

#ini_get

(PHP 4, PHP 5, PHP 7)

ini_get — Get the value of a configuration option

Description
string ini_get (string $varname)

Returns the value of the configuration option on success.

##session_get_cookie_params

— Get the session cookie parameters and return the array

Related recommendations ：

PHP session to prevent repeated login##There are three ways to destroy PHP session

The above is the detailed content of PHP SESSION destroy session. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

How does PHP identify a user's session?May 01, 2025 am 12:23 AM

PHPidentifiesauser'ssessionusingsessioncookiesandsessionIDs.1)Whensession_start()iscalled,PHPgeneratesauniquesessionIDstoredinacookienamedPHPSESSIDontheuser'sbrowser.2)ThisIDallowsPHPtoretrievesessiondatafromtheserver.

What are some best practices for securing PHP sessions?May 01, 2025 am 12:22 AM

The security of PHP sessions can be achieved through the following measures: 1. Use session_regenerate_id() to regenerate the session ID when the user logs in or is an important operation. 2. Encrypt the transmission session ID through the HTTPS protocol. 3. Use session_save_path() to specify the secure directory to store session data and set permissions correctly.

Where are PHP session files stored by default?May 01, 2025 am 12:15 AM

PHPsessionfilesarestoredinthedirectoryspecifiedbysession.save_path,typically/tmponUnix-likesystemsorC:\Windows\TemponWindows.Tocustomizethis:1)Usesession_save_path()tosetacustomdirectory,ensuringit'swritable;2)Verifythecustomdirectoryexistsandiswrita

How do you retrieve data from a PHP session?May 01, 2025 am 12:11 AM

ToretrievedatafromaPHPsession,startthesessionwithsession_start()andaccessvariablesinthe$_SESSIONarray.Forexample:1)Startthesession:session_start().2)Retrievedata:$username=$_SESSION['username'];echo"Welcome,".$username;.Sessionsareserver-si

How can you use sessions to implement a shopping cart?May 01, 2025 am 12:10 AM

The steps to build an efficient shopping cart system using sessions include: 1) Understand the definition and function of the session. The session is a server-side storage mechanism used to maintain user status across requests; 2) Implement basic session management, such as adding products to the shopping cart; 3) Expand to advanced usage, supporting product quantity management and deletion; 4) Optimize performance and security, by persisting session data and using secure session identifiers.

How do you create and use an interface in PHP?Apr 30, 2025 pm 03:40 PM

The article explains how to create, implement, and use interfaces in PHP, focusing on their benefits for code organization and maintainability.

What is the difference between crypt() and password_hash()?Apr 30, 2025 pm 03:39 PM

The article discusses the differences between crypt() and password_hash() in PHP for password hashing, focusing on their implementation, security, and suitability for modern web applications.

How can you prevent Cross-Site Scripting (XSS) in PHP?Apr 30, 2025 pm 03:38 PM

Article discusses preventing Cross-Site Scripting (XSS) in PHP through input validation, output encoding, and using tools like OWASP ESAPI and HTML Purifier.

See all articles

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

What's New in Windows 11 KB5054979 & How to Fix Update Issues

4 weeks agoByDDD

How to fix KB5055523 fails to install in Windows 11?

3 weeks agoByDDD

InZoi: How To Apply To School And University

4 weeks agoByDDD

How to fix KB5055518 fails to install in Windows 10?

3 weeks agoByDDD

Where to find the Site Office Key in Atomfall

4 weeks agoByDDD

Hot Tools

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.