Pergunta

I have a website in which I set several variables like 

$_SESSION["id"]

$_SESSION["email"]

$_SESSION["role"]

When user clicks on logout should I use session_destroy() or unset all the variables, it has no special impact on my site, but considering the fact that my sessions are stored on elastic cached with Redis? I think unless I do session_destroy() the session will not be removed from Redis,(thus occupying memory)

Any help?

Foi útil?

Solução

Use session_destroy() if you are using it as a logout link, it will get rid of all session data without really having to worry about it. Just remember you have to refresh or redirect because the variables are still set on that page after you use session_destroy

Source: Session unset, or session_destroy?

Outras dicas

Depends on if you want to keep any other session data. I only use session_destroy() when I'm positive I want to wipe out the entire user session, otherwise I unset()

You can simply use session_destroy() function. Create a logout.php page and add the following code,

<?php
session_destroy();
header('Location: index.php'); 
?>

Then call this logout.php by adding links to these page,

<a href="logout.php"> Logout </a>

This will destroy your session and re-direct to your index.php page.

Unset will destroy a particular session variable like unset($_SESSION['id']); whereas session_destroy() will destroy all the session data for that user.

I found on the Internet sometimes extended session_destroy, what I use:

function sessionDestroy()
{
  $params = session_get_cookie_params();
  setcookie(session_name(), '', time() - 42000,
      $params['path'], $params['domain'],
      $params['secure'], $params['httponly']
  );
  session_destroy();
}
Licenciado em: CC-BY-SA com atribuição
Não afiliado a StackOverflow
scroll top