Reputation: 45
php session_destroy() setcookie time()
In the example on php.net to use session_destroy(), it specifies to delete a cookie:
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
}
Should the 42000 seconds be changed? What value should one use? I don't recall setting any cookies in my session, but I believe php.ini has it setup to use cookies by default.
Upvotes: 2
Views: 1795
Answers (1)
Reputation: 12508
PHP set the cookie by default. When you create a session in PHP, PHP will generate a corresponding session ID and pass that back and forth on requests in the HTTP headers. This is how the server knows what session data to associate with a particular user.
You do not need to change the 42000. The point of this number is to set the cookie to expire to a time long passed. By doing so, the browser will remove the corresponding cookie, removing the reference to the stored session data on the server, thereby "clearing" the session.
The session data on the server will be removed at a later time by the PHP garbage collector as specified by the time given in your php.ini configuration file.
Below is a reference to the default session configuration settings used when PHP is installed.
Reference: Session Configuration Settings
Upvotes: 5
Related Questions
- How to destroy the session cookie correctly with PHP?
- Destroy PHP Sessions on Browsers Tab Close
- How to delete/unset a cookie on php?
- Unset() and session_destroy();
- Session_unset and session_destroy not working
- logging out in php ( cookies and sessions )
- session_name() and session_destroy()
- Ending a session/clearing cookies
- PHP logout cookies and sessions
- session_destroy() and setcookie fail