Home arrow PHP arrow Page 3 - Introduction to Maintaining the State of Applications with PHP Sessions

Ending a session: using the “session_destroy()” function - PHP

In PHP, session management is used to help web applications maintain their state across several HTTP requests when needed. In this first part of a series, you will learn the basics of the PHP built-in session mechanism, as well as some of its many useful functions.

TABLE OF CONTENTS:
  1. Introduction to Maintaining the State of Applications with PHP Sessions
  2. Working with persistent data: the basics of session management
  3. Ending a session: using the “session_destroy()” function
  4. More session functions ahead: finding out the name of active sessions
  5. Configuring the PHP session module: using some helpful session functions
By: Alejandro Gervasio
Rating: starstarstarstarstar / 18
April 26, 2006

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement

In many situations, the logic of a particular PHP application requires that a specific session be terminated. In order to end an active session, PHP includes the “session_destroy()” function, which as the name indicates, destroys all the data associated with the current session. It’s worth noting that this function doesn’t unset any of the global variables tied to the session or the respective cookie. The use of this function is exemplified below:

session_start();
session_destroy();

As I said before, calling the “session_destroy()” function doesn’t delete the corresponding session variables or associated cookies. Thus a typical script, excerpted from the PHP manual, which destroys the current session along with all the session variables and the cookie associated to it, is listed below:

// destroy a session and all variables and cookies associated
with it.
session_start();
$_SESSION = array();
if(isset($_COOKIE[session_name()])){
   setcookie(session_name(),'', time()-48000,'/');
}
session_destroy();

In the above example, all the session variables are unset by the line:

$_SESSION = array();

while the corresponding cookie is deleted by the following code:

if(isset($_COOKIE[session_name()])){
   setcookie(session_name(),'', time()-48000,'/');
}

Additionally, all the registered session variables can be freed up with the “session_unset()” function. However, for a complete and secure deletion of the entire session, it’s recommended to use the “session_destroy()” function in conjunction with the superglobal $_SESSION array and the “setCookie()” function, as shown in the example above.

Nevertheless, there are some extra issues worth considering when ending sessions. In case the session ID is transmitted by cookies, they will be deleted as soon as the browser is closed. Bearing in mind this condition, you should configure (when possible) the “gc_maxlifetime” and “gc_probability” directives of the php.ini file, in order to instruct PHP to trigger its garbage collection mechanism, in accordance with the requirements of the application being developed.

Fine, at this point, you hopefully learned how to create and destroy an active session. Therefore, let’s move on to the next section and continue exploring a few more handy session functions.



 
 
>>> More PHP Articles          >>> More By Alejandro Gervasio
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

PHP ARTICLES

- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: