getting session variable even after session destroy

Question

I am newbie in php. I can not under stand a thing that session variable is outputting even after session_destroy() and session_unset().Here is my simple code for test

`session_start();
 SESSION['name']='sovon';
 session_destroy();
 session_unset($_SESSION['name']);
 echo $_SESSION['name'];

`

The output is 'sovon'. My question what is session_destroy() and session_unset() doing here and whats the difference between them? Oh! when I am deleting session_destroy() that variable is getting unset. why?

Answer 1

The following works perfectly in all browsers to kill and destroy and unset all session info. Perfect to put it in sign-out file.

<?php
    session_start();
    session_unset();
    session_destroy();
    session_write_close();
    setcookie(session_name(),'',0,'/');
    session_regenerate_id(true);
?>

Answer 2

I got it faisal, session_distroy is destroying session if its created in other pages. If the session variable created on the same page then it will be remain. The best practice is to null the session variable after session distroY $_SESSION = NULL;

Like I am using in logout,

session_start();
session_distory();
$_SESSION = NULL;
header('Location: Login.php');

I think this help you.

Answer 3

Perhaps its easier if you read the php manual.

session_destroy() 

session_destroy() destroys all of the data associated with the current session. It does not unset any of the global variables associated with the session, or unset the session cookie. To use the session variables again, session_start() has to be called.

So if you want to unset the data inside. You have to unset it.

unset($_SESSION);

Session unset...

session_unset()

deletes all variables and leave session_id. But session_unset has no parameters.

What you search is

unset($_SESSION['name']);