unset() and session_destroy();

**runeveryday** · Jan 18, 2010 02:14

PHP Code:


<?php session_start();

if(isset($_SESSION["user_name"]))

if($_GET["destroy"]=="yes")

{

unset($_SESSION["user_name"]);

session_destroy();

}



if(!isset($_SESSION["user_name"]) &&

$_GET["user"]!="")

$_SESSION["user_name"] = $_GET["user"];



?>

<html>

<head>

<title>Session Example</title>

</head>

<body>

Welcome <?php echo $_SESSION["user_name"]; ?>

<form action="#">

Input your name here: <input type=text name=user>

<input type=submit value=Submit>

</form>



<form action="#">

<input type=hidden value=yes name=destroy>

<input type=submit value="Destroy Previous Session">

</form>

</body>



</html>

on the above,there are two lines "unset($_SESSION["user_name"]);
session_destroy();" when i deleted "session_destroy();" the dispay is the same as have it. is it unnecessary ?who can explain this ,any tips would be appreciated.

**Dan Grossman** · Jan 18, 2010 02:17

session_destroy does not change any of the variables in your script execution, it removes the session data from the server. Unless you set up an alternate session handler, this means it destroyed the text file in your temporary directory that was holding the session data for that session identifier.

With session_destroy(), upon reloading the webpage, the session is empty and $_SESSION['user_name'] does not exist.

Without session_destroy(), upon reloading the webpage, $_SESSION['user_name'] is populated again from the session file.

**Raju Gautam** · Jan 18, 2010 02:22

As far as I know, if you going to destroy the session then you don't have to use any unset() for the variables. Just destroy, it will destroy/kill all the variables registered so far.

Edit:
Ahh.. yes, Dan is right. If you are in the same page printing/echoing the variable then you must unset them. What I normally do is, destroy the session and reload the page.

**runeveryday** · Jan 18, 2010 02:46

Without session_destroy(), upon reloading the webpage, $_SESSION['user_name'] is populated again from the session file.

i delete the session_destroy(),and submit a name,then destroy it.when refresh the browser,i can't see the $_SESSION['user_name'] .which means the $_SESSION['user_name'] is not populated

**Dan Grossman** · Jan 18, 2010 02:49

Originally Posted by runeveryday

i delete the session_destroy(),and submit a name,then destroy it

After you destroyed the session, $_SESSION['user_name'] was not populated on subsequent page loads.

I think we're on the same page here.

**runeveryday** · Jan 18, 2010 02:54

does the populatation happen on server,we can't see the process ,is it right?

**Dan Grossman** · Jan 18, 2010 03:00

Yes, the superglobal variables ($_SERVER, $_GET, $_POST, $_COOKIE, $_SESSION, $_FILES, etc) are all populated before your script begins executing.

**runeveryday** · Jan 18, 2010 03:05

GOT IT,thank you very very much.
but i still don't know,when to use unset( ) a session,or session_destroy(); eg:if i want to delete a session ,the best way is use unset( ) or session_destroy,i am a newbie,would you mind giving me some detail?

**Dan Grossman** · Jan 18, 2010 03:08

$_SESSION is populated from the session file before your code runs.

Your code contains a call to session_destroy(). This deletes the session file.

$_SESSION is still populated, as session_destroy() does nothing but delete the session file.

When the website user loads another page, $_SESSION will not be populated because there is no session file to populate it from, as you destroyed it previously.

**Raju Gautam** · Jan 18, 2010 03:13

First of all you should be clear that unset() is not only for session variables, rather it is for all the variables in php which will unset the variables passed it. As already Dan said, session_destroy is a function which destroys the session holding files in the server. Session files store the sessions data. So if you want to delete all the sessions registered then you use session_destroy and if you want to unset a particular session variable (or any variables) then use unset($varname).
For more details see unset() and session_destroy()

**hash** · Jan 18, 2010 03:14

To delete a session you can simply $_SESSION = array();
This will delete all data in the session, but not the session itself (as in session id in the browser). For that you can either clear the cookie, or session_regenerate_id() to create a new id for that browser.

**runeveryday** · Jan 18, 2010 03:29

all of you made me know a lot,thank you!
what is the use of "unset a particular session variable"?

**runeveryday** · Jan 18, 2010 03:31

when a execute session_destroy(),it only delete session file,the session variable is still there.is it right?

**Shrapnel_N5** · Jan 18, 2010 03:34

session_regenerate_id() would not change any state, so it's use is senseless here.

i still don't know,when to use unset( ) a session,or session_destroy();

if you want to destroy only one session variable, use unset.
if you want to destroy whole session with all variables, you must destroy a session
in this case, as Raju mentioned above, you should destroy the session and reload the page:

PHP Code:


if($_GET["destroy"]=="yes")
  session_destroy();
  header("Location: ".$_SERVER['PHP_SELF']);
  exit;
}

and you'll never see any of your session variables again

what is the use of "unset a particular session variable"?

same use as any other variable. when you no more need this particular variable
you can have more than one session variable

**Shrapnel_N5** · Jan 18, 2010 03:49

In other hand, you have session_start() at the top of the page.
So, it will start another empty session at the next page load. So, as hash mentioned above, you will have the same effect with just $_SESSION = array();

As Perl folks says, "There is always more than one way to do it".

**hash** · Jan 18, 2010 04:03

You're correct about session_regenerate_id though, it doesn't drop it's association with the session data, but doesn't hurt to refresh this after destroying.

**Raju Gautam** · Jan 18, 2010 04:11

Originally Posted by runeveryday

all of you made me know a lot,thank you!
what is the use of "unset a particular session variable"?

Sometimes you may need to unset a particular session variable among few more rather than destroying the whole session. So at that time you may need the unset(). Also once again, be informed that the function unset() is not only for the session variables. It can be used for rest of the variables as well in PHP.

PHP Code:


session_start();

$_SESSION['var1'] = 'value1';

$_SESSION['var2'] = 'value2';

$_SESSION['var3'] = 'value3';

$_SESSION['var4'] = 'value4';

$_SESSION['var5'] = 'value5';

if($_GET['unset'] == '1'){

    unset($_SESSION['var2'], $_SESSION['var3']);

}

This will unset the two session variables $_SESSION['var2'], $_SESSION['var3'] where as rest of the variables will be available with value for you.

Hope it is clear now.

User Tag List

Thread: unset() and session_destroy();

Thread Tools

Display

unset() and session_destroy();

Bookmarks

Bookmarks

Posting Permissions