Question
https://stackoverflow.com/questions/18537676
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian?php session_start();
if(isset($_SESSION["user_name"]))
if($_GET["destroy"]=="yes")
{
session_destroy();
unset($_SESSION["user_name"]);
}
if(!isset($_SESSION["user_name"]) &&
$_GET["user"]!="")
$_SESSION["user_name"] = $_GET["user"];
?>
i was wondering, why would we need both unset and session_destroy()? i tested by removed either one of them,and the result was still the same. the user still logged out. please someone explain to me, thank so much.
Solution
session_unset() delete only a variables from session - session still exist-Only data are truncated.But session_unset() is an outdated PHP function. We can set the session to an empty array instead.
$_SESSION = array();
session_destroy() will delete whole session. It's not always necessary to do both.But it is advisable to do both just to ensure extra security.
OTHER TIPS
unset() deletes a variable not a session.
session_destory() destroys the session.
session_destroy() destroys all of the data associated with the current session. It does not unset any of the global variables associated with the session, or unset the session cookie.
However, I would suggest that you do a:
$_SESSION = array();
... instead of unset();
