6

In my session start script, I choose the session_name and then do a session_start.

   $session_name = rand(0,1) ? 'first' : 'second';
   session_name($session_name);
   session_start();

The above code runs on every page load. After a few page loads, there will probably be sessions for both session_name 'first' and session_name 'second'.

This is my code which is in my logout script to try and destroy both these sessions:

session_start();
session_name("first");
session_unset();
session_destroy();
session_write_close();

session_start();
session_name("second");
session_unset();
session_destroy();
session_write_close();

The script above destroys first but not second. If I run the log out script a second time it then destroys the second session, as the first one is already deleted.

How do I destroy sessions for both session names in the same script?

Hard worker
  • 3,916
  • 5
  • 44
  • 73

2 Answers2

3

TRY IT

<?php
    session_name("first");
    session_start();
    echo session_status();
    session_destroy();
    echo session_status();

    session_name("second");
    session_start();
    echo session_status();
    session_destroy();
    echo session_status();
?>

I've tested it on xampp and it returns values 2121 meaning session is active, none exist, the session is active, none exist.

I've placed session_name() before session_start() because setting the name as you did doesn't take effect after a session has already been started. I've googled it and it has to do something with the php.ini file where session.auto_start is set to "true".

The explanation and a debate on this topic are found here: http://php.net/manual/en/function.session-name.php - check comments.

EDITED:

After reviewing your edit again, you basically don't create two sessions but only one and it starts with a random name "first" or "second". You can destroy a session but the cookie will remain. I've tested your code on xampp and it does exactly that. First, the PHP starts one session and stores a cookie with a time value of "session", after reloading the page it will load one of two options again but this time it will change the existing cookie time to "N/A". You should search for a solution to clear your cookies on your domain after page loads like so:

<?php
    $session_name = rand(0,1) ? 'first' : 'second';
    session_name($session_name);
    session_start();

    deleteCookies($session_name);

    function deleteCookies($skip_this_one) {
        if (isset($_SERVER['HTTP_COOKIE'])) {
        $cookies = explode(';', $_SERVER['HTTP_COOKIE']);
        foreach($cookies as $cookie) {
            $parts = explode('=', $cookie);
            $name = trim($parts[0]);
            if ($name == $skip_this_one) {
                //skip
            }else{
                setcookie($name, '', time()-1000);
                setcookie($name, '', time()-1000, '/');
            }
        }
    }
    //do something inside your session
    //when done, stop the session the way you want
    session_destroy();
}
?>

This will delete all previous cookies and keep the current session open.

This solution is re-written from here: how to delete all cookies of my website in php

Hope this helps :)

Manikandan C
  • 668
  • 1
  • 9
  • 22
c00ki3s
  • 466
  • 9
  • 19
-1

Please try below code 

<?php unset($_SESSION['name']); // will delete just the name data
session_destroy(); // will delete ALL data associated with that user. 
?>
Digpal Singh
  • 166
  • 1
  • 5