PHP Session Destruction Sessions

This article is about the PHP session destruction session, has a certain reference value, now share to everyone, the need for friends can refer to

Session_destroy

(PHP 4, PHP 5, PHP 7)

Session_destroy - destroys all data in a session

Description

BOOL Session_destroy ( void )

Session_destroy () destroys all data in the current session, but does not reset the global variables associated with the current session and does not reset the session cookie. If you need to use session variables again, you must call the session_start () function again.

Note: Normally, you do not have to call the Session_destroy () function in your code to clear the data in the $_session array directly to achieve session data cleanup.

In order to completely destroy the session, you must reset the session ID at the same time. If the session ID is transferred through a cookie, the setcookie () function is also called to remove the client's session cookie.

When the Session.use_strict_mode configuration item is enabled, you do not need to delete the cookie for the expired session ID because the session module has no longer accepted the cookie with the expired session ID, and then it generates a new session ID cookie. It is recommended that all sites have session.use_strict_mode configuration items enabled.

Warning

Premature deletion of data in a session can lead to unpredictable results. For example, when there is a concurrent request from a JavaScript or URL link, one request deletes the data in the session, causing other concurrent requests to be unable to use the session data.

Although the current session processing module does not accept null session IDs, deleting the data in the session immediately due to the client (browser) processing may result in a null session cookie being generated, causing the client to generate many unnecessary session ID cookies.

To avoid this, you need to set a timestamp in $_session and the access to the session after that timestamp will be rejected. Or, make sure that there are no concurrent requests in your app. The same rule applies to session_regenerate_id (). session_regenerate_id () also.

return value

Returns TRUE when successful, or on Failure FALSE .

Example

Example #1 destroy session data and

<?php//initializes the session. If you want to use the session, do not forget to call Now: Session_Start ();//Reset all variables in the session $_session = Array ();//If you want to clean up more thoroughly, then delete the session cookie//Note: This not only destroys the data in the session, Also destroys the session itself if (Ini_get ("Session.use_cookies")) {    $params = Session_get_cookie_params ();    Setcookie (Session_name (), ", Time ()-42000,        $params [" Path "], $params [" Domain "],        $params [" secure "], $params ["HttpOnly"]    );} Finally, destroy session Session_destroy ();? >




Ini_get
(PHP 4, PHP 5, PHP 7)

Ini_get-gets the value of a configuration option

Description
String Ini_get (String $varname)

Returns the value of the configuration option when successful.

session_get_cookie_params - Gets the session cookie parameter, returns the array

Related recommendations:

PHP Session prevents duplicate logins

The destruction of the PHP session is three different ways