How to destroy session_id() in php?

Question

Possible Duplicate:
(PHP) How to destroy the session cookie correctly?

I'm doing a shopping cart in PHP. I am using session_id() to identify individual users. After saving the product order, I need to destroy the session_id. How will I do that?

If I understand your question correctly, you're using the session id as a key in your database? If so, that's most probably a bad idea (tm) — Ja͢ck, Nov 14 '12 at 08:03

score 1 · Answer 1 · answered Nov 14 '12 at 07:53

1

use a session_regenerate_id(). It will change the session id, automatically invalidating the old one

For a good destroy, use the following on logout:

session_start();
session_regenerate_id();
session_destroy();

answered Nov 14 '12 at 07:53

Damien Overeem

4,487
4
36
55

Thank you for your response. Let me try it. :) – tanuja90 Nov 14 '12 at 07:59

score 1 · Answer 2 · edited Apr 20 '16 at 10:13

1

The unset() function is used to free the specified session variable:

if(isset($_SESSION['id']))
{
   unset($_SESSION['id']);
}

You can also completely destroy the session by calling the session_destroy() function:

session_destroy();

edited Apr 20 '16 at 10:13

Black

18,150
39
158
271

answered Nov 14 '12 at 07:59

Nandu

3,076
8
34
51

score 0 · Answer 3 · answered Nov 14 '12 at 07:53

0

Not sure what you mean, but this is how you destroy a session

 unset( $_SESSION['id'] )

answered Nov 14 '12 at 07:53

PinoyStackOverflower

5,214
18
63
126

Thank you for your immediate response. I used the following statement to generate a unique id for the session. $sid = session_id(); I need to destroy the value in $sid after saving the orders in the database. – tanuja90 Nov 14 '12 at 07:56

score 0 · Answer 4 · answered Nov 14 '12 at 07:54

0

use

session_regenerate_id();

instead. It will regenerate the Session ID.

See more information at: http://php.net/manual/en/function.session-regenerate-id.php

answered Nov 14 '12 at 07:54

Raptor

53,206
45
230
366

You will still get the same session id that way if you restart the session. – Damien Overeem Nov 14 '12 at 07:54
Thank you for your response. Let me try it. :) – tanuja90 Nov 14 '12 at 07:58

score 0 · Answer 5 · answered Nov 14 '12 at 07:57

Using session ID is not the best way to go (although you could use session_regenerate_id() to create new session ID) because you loose contents of cart if user logs out (for example he will start preparing order in work and would want to finish it home).

Much better, flexible and easier to control would be creating table:

CREATE TABLE carts (
    `id` INT,
    `user_id` INT
)

score 0 · Answer 6 · answered Nov 14 '12 at 08:35

Give this a try..

page1.php

<?php
    session_start();
    $_SESSION['userID'] = 123;
?>
<a href="logout.php">Logout</a>

logout.php

<?php
    session_start(); // start the session before using it
    session_destroy(); // delete the current session
    //$_SESSION['userID'] = 123;  // <---- NO LONGER EXISTS
    echo "Session destroyed!"; // inform the user of the changes
?>

Or you could just have the session_destroy(); in with your code

How to destroy session_id() in php?

6 Answers6