Darek911

When writing a logout script in PHP what steps should i take? Should i: 1.) unset all session vars like: unset($_SESSION["var1"]); unset($_SESSION["var2"]); or calls session_unset(); 2.) destroy session cookie like: setcookie(session_name(), "NULL", time()-60, $params['path'], $params['domain'], $params['secure'], isset($params['httponly'])); 3.) finally destroy the session data by calling session_destroy(); or maybe just only unset the session vars - that is making only the first step? I'm asking because I've seen many logout scripts that doesn't involve these 3 steps (i most cases doing only the first one as i stated) Thx. for help.