Reputation: 125
How to completely destroy session variables on logout
When I log a user out of an app I am building I use session_destroy();
But when I go back to the page, all session variables are still set.
How can I completely destroy all session variables and ultimately require a user to log back in again?
Here is my code:
session_unset(); // clears all session variables
$_SESSION = array();
session_destroy(); // deletes session id
Thanks
Upvotes: 0
Views: 2229
Answers (2)
Reputation: 211
you are not calling session_destroy() for sure, your code may be unable to access it.
Post more code so we could help you
Upvotes: 0
Reputation: 9790
After using session_destroy(), the session cookie is removed and the session is no longer stored on the server. The values in $_SESSION may still be available, but they will not be on the next page load.
If you need to clear the values of $_SESSION, set the array equal to an empty array:
Of course, you can't access the values of $_SESSION on another page once you call session_destroy, so it doesn't matter that much.Still if you are concerned .
Try the following:
session_destroy();
$_SESSION = array(); // Clears the $_SESSION variable
Upvotes: 3
Related Questions
- How do I destroy a specific session variable in PHP?
- Destroy all session variables with PHP
- Session variables survive after logout
- Destroy the Session File after logout
- PHP: How to properly destroy session, delete session data and unset session variables
- In php, how to destroy the session variables
- Unset session when leaving page
- destroy session variable for logout
- Session Variables do not get destroy even using session_destroy()
- Destroy session, but keep one variable set