Why is PHP session_destroy() not working?
After using session_destroy()
, the session is destroyed behind the scenes. For some reason this doesn't affect the values in $_SESSION
, which was already populated for this request, but it will be empty in future requests.
You can manually clear $_SESSION
if you so desire ($_SESSION = [];
).
session_destroy() doesn't work with PHP 7.0 on server
Note: You do not have to call session_destroy() from usual code. Cleanup $_SESSION array rather than destroying session data.
- From the manual
Show us your code page where you set $_SESSION = array();
This should be all you need to do. Check you have set session_start();
on this page:
session_start();
$_SESSION = []; //empty the array.
--End of file.
If you want to make absolutely sure that it works ok you can try using something like this:
session_start();
$_SESSION = []; //empty array.
session_write_close();
But note any further edits to any session data on this script will not be saved once the script completes.
You may also have an issue if your scripts are in different folders and the local php.ini session name is different in these different folders... Different names, different sessions.
Central PHP.ini:
session.name=somethingSessiony
local folder specific PHP.ini
session.name=somethingsessiony
If you feel this may be a factor try something like this:
error_log(__FILE__." : " .print_r(session_name(),true));
In both the file that clears the session data and the file that should be reading the "empty" session data.
Session_unset and session_destroy not working
You must definitely define a variable as session
for example:
LOGIN
<?php
session_start();
if($_POST['username']){
$_SESSION['username'] =$_POST['username']; // session run
}
?>
LOGOUT
<?php
session_start();
if($_POST['LOGOUT']=='exit'){
@session_unset();
}
?>
You can also use
unset($_SESSION['username']);
instead of
session_unset();
Why session_destroy cannot unset the current session value php
The manual entry for session_destroy
says:
session_destroy()
destroys all of the data associated with the current session. It does not unset any of the global variables associated with the session, or unset the session cookie.
So, session_destroy()
will destroy the data where it's actually stored (filesystem/memcached/Redis/whatever, depending on the session handler that has been configured), but the same data will still stay in memory in the $_SESSION
superglobal, until you explicitly unset it, either with unset()
or $_SESSION = []
.
So, yes, you have to call session_destroy()
after using unset()
, as the example on the manual page for session_destroy()
says: https://www.php.net/manual/en/function.session-destroy.php#refsect1-function.session-destroy-examples
And finally, to answer your primary question "Why session_destroy cannot unset the current session value php": because that's not what this function is for. The manual says it all. Just read it carefully and you'll know everything about session cleaning.
Why `session_destroy()` does not work in PHP?
For me, only the following combination works perfectly to destroy a session completely:
session_destroy();
session_unset();
session_regenerate_id(true);
Edit: Did you try this:
<?php
session_start();
$sid = session_id();
echo $sid;
echo "<br />";
//destroy session
session_destroy();
session_unset();
//now start the new session
session_start();
session_regenerate_id(true);
$sid = session_id();
echo $sid;
?>
It work's perfectly.
session_destroy not working after modifying session.save_path (where session data is saved on server)
As mentioned in commentsPerhaps your ini_set() code, or at least the path changing part, needs to be in your log out script as well.
In code form:
ini_set('session.save_path', '/home/server/.sessionsData');
session_start();
session_destroy();
header("location: https://website.com");
Related Topics
Architecture More Suitable For Web Apps Than MVC
Which One Is the Best Pdf-API For PHP
Find the Last Element of an Array While Using a Foreach Loop in PHP
Best Way to Test For a Variable'S Existence in PHP; Isset() Is Clearly Broken
What Exactly Are Late Static Bindings in PHP
Run a PHP File in a Cron Job Using Cpanel
What Is ≪=≫ (The 'Spaceship' Operator) in PHP 7
Convert/Cast an Stdclass Object to Another Class
How to Rely on PHP PHP.Ini Precision Workaround For Floating Point Issue
Escaping Single Quote in PHP When Inserting into MySQL
How to Round Up a Number to Nearest 10
PHP List of Specific Files in a Directory