bool session_destroy ( void )
A session lasts until your visitor closes their browser - if they navigate away to another page, then return to your site without having closed their browser, their session will still exist . This behaviour is usually desirable - potentially your visitor's session data might last for days, as long as they keep browsing around your site, whereas cookies usually have a fixed lifespan.
If you want to explicitly end a user's and delete their data without them having to close their browser, you need to clear the $_SESSION array, then use the session_destroy() function. Session_destroy() removes all session data stored on your hard disk, leaving you with a clean slate.
To end a session and clear up its data, use this code:
<?php session_start(); $_SESSION = array(); session_destroy(); ?>
There are two important things to note there: firstly, session_start() is called so that PHP loads the user's session, and secondly we use an empty call to the array() function to make $_SESSION an empty array - effectively wiping it. If session_start() is not called, neither of the following two lines will work properly, so, again, always call session_start()!
Want to learn PHP 7?
Hacking with PHP has been fully updated for PHP 7, and is now available as a downloadable PDF. Get over 1200 pages of hands-on PHP learning today!
If this was helpful, please take a moment to tell others about Hacking with PHP by tweeting about it!
Next chapter: Checking session data >>
Previous chapter: Removing session data
Home: Table of Contents
Copyright ©2015 Paul Hudson. Follow me: @twostraws.