When writing a logout script in PHP what steps should i take? Should i:
1.) unset all session vars like:
unset($_SESSION["var1"]);
unset($_SESSION["var2"]);
or calls
session_unset();
2.) destroy session cookie like:
setcookie(session_name(), "NULL", time()-60, $params['path'], $params['domain'], $params['secure'], isset($params['httponly']));
3.) finally destroy the session data by calling
session_destroy();
or maybe just only unset the session vars - that is making only the first step?
I'm asking because I've seen many logout scripts that doesn't involve these 3 steps (i most cases doing only the first one as i stated)
Thx. for help.