19

My php website flows like this:

  • Page1.php has an html form which POSTs to Page2.php
  • Page2.php stores all the POST data into SESSION variables and has a button leading to Page3.php
  • Page3.php has another form which POSTs its data to Page4.php
  • Page4.php then stores all its POST data into SESSION variables

My problem is that it may be nessicary for a user to click the back button on Page4.php to go back to Page3.php and change some input. AS im sure your all aware when they get back to Page3.php the form will be blank as the entire page is re-rendered in its default state.

To get around this and re-display the user's previous input im doing this:

<input value="<?php echo $_POST["guest1Ticket"];?> " type="text"  name="guest1Ticket" id="guest1Ticket" onblur="isTicketNumber(this)"  size ="22"/>

This being the important part - <?php echo $_POST["guest1Ticket"];?>

This works but creates another problem for me. If the user goes back to Page1.php (before colsing their browser) and starts the process over again when they get to Page3.php the data from their last run through will be loaded into the form.

What I figure I need to do is clear all of the sdession variables when the user visists Page1.php. I tried to to that like this:

<?php 
 session_start(); 
 session_unset(); 
 session_destroy(); 
?>

(The above is at the very top of my file with no whitespace before the first character.)

No Warnings are generated when Page1.php loads but the session variables are not getting unset. When I get to Page3.php the data from the last run is still being entered into the form.

How can I clear my session data correctly?

BTW I only need this to work in Chrome and thats where im testing.

RGriffiths
  • 5,722
  • 18
  • 72
  • 120
Wesley Smith
  • 19,401
  • 22
  • 85
  • 133

3 Answers3

18

Only use session_unset() for older deprecated code that does not use $_SESSION.

see session_destroy manual

example you can try and see how it works

session.php

<?php
session_start();
$_SESSION = array('session1'=>1,'session2'=>2);

echo $_SESSION['session1']; //1
$_SESSION['session1'] = 3;
echo "<pre>";
print_r($_SESSION); //session one now updated to 3
echo "</pre>";


$_SESSION = array();
if ($_SESSION['session1']) {
 echo $_SESSION['session1']; //  IS NOW EMPTY
} else {
 echo "woops... nothing found";
}
?>
<p>
<a href="destroyed.php">NOW GOING TO DESTROYED PHP<a/>
</p>

<?php
session_destroy();
?>

destroyed.php

<?php
session_start(); // calling session start first on destroyed.php

print_r($_SESSION); // prints Array ( )  
?>
Grmn
  • 542
  • 2
  • 9
  • Saw that link also, I tried `$_SESSION = array();` but that did not uset the variables either so I went back to the above method. It seems Im missing something somewhere – Wesley Smith Mar 19 '13 at 05:44
  • i have edited my previous comment, added a code snippet for you. So you can see how it works, remember that each time you use $_SESSION you will need to call session_start(); in that file. – Grmn Mar 19 '13 at 05:55
  • This looks like it should work but it deosnt, this is what is printed out every time I go to Page1.php 1 Array ( [session1] => 3 [session2] => 2 ) woops... nothing found – Wesley Smith Mar 19 '13 at 06:14
  • well that is correct... if you copied and pasted that code exactly it would do that every time, you run it.. It is just an example for you to see how session works.. . first I create session 1 and 2, rename or update session 1 with (int) 3, update all with an empty array.... ill update the comment putting in a second page – Grmn Mar 19 '13 at 06:15
  • Got this working now. I did actually try `$_SESSION = array();` simillarly before posting. It turns out my test using it originally didnt work for a strange reason. When I got to my Page4.php I was using a "Favorites" link in Chrome to go back to Page1.php. For some reason if I do that the session variables are NOT actually unset or at least the form can still see them somehow. I put a link on Page4 going to Page1. If I actually click that link everything works as expected. Weird ..but at least I got it working. Thank you very much for your help. – Wesley Smith Mar 19 '13 at 07:59
3

From the documentation:

If $_SESSION (or $HTTP_SESSION_VARS for PHP 4.0.6 or less) is used,
use unset() to unregister a session variable, i.e. unset ($_SESSION['varname']);

And take care about session_destroy:

session_destroy destroys all of the data associated with the current session. It does not unset any of the global variables associated with the session

MatRt
  • 3,494
  • 1
  • 19
  • 14
  • Yeah I saw that but I have around 100 variuables and would rathe not unset each individually. Im looking for a way to clear them all at once – Wesley Smith Mar 19 '13 at 05:41
  • You can easily iterate over your $_SESSION without knowing each element inside. – MatRt Mar 19 '13 at 05:43
  • Fair enough, it is an array after all. I just knew there was a standard way to do them all at once but couldnt get it to work. Thanks for the help though! – Wesley Smith Mar 19 '13 at 08:01
1

Use session_unset(). Like this:

<?php session_start(); ?><!DOCTYPE html>
<html>
  <body>
    <?php
      $_SESSION["variabletounset"] = "I am going to be unset soon along with all of the other session variables.";
      print '<pre>' . "\n";
      print_r($_SESSION);
      print '    </pre>' . "\n";

      session_unset();

      print '    <pre>' . "\n";
      print_r($_SESSION);
      print '    </pre>' . "\n";
    ?>
  </body>
</html>

This would output:

Array
(
variabletounset => I am going to be unset soon along with all of the other session variables.
)

Array
(
)
Ewer Ling
  • 119
  • 4
  • 15