Sunday, 19 January 2014

How to Completely Log Off Users by Destroying Sessions in PHP

In order to delete a session, two things need to be done:
  • The session variables need to be destroyed: session_unset(). This ensures that all the data associated with the current session is deleted. 
  • The session id needs to be regenerated: session_regenerate_id(). This is necessary so that another session with the same id cannot be created.

It goes without saying that these methods can only be called if the session has already been started. Otherwise, you need to run session_start() first.

No comments:

Post a Comment