how to kill a session definately

[mojito]

I have reviewed the post concerning sessions and headers yet it didnt answer my question so I ask here.

appologies.

i get the following error

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /usr/??/???/httpd/?????/paradise.com/htdocs/header.php:22) in /usr/l.../paradise.com/htdocs/design/include/main.php on line 4

I needed to write a backend admin and used session to store an md5 encoded user password. on logout i need to kill and remove this session.
Since i used session_start(); in that code and it wasnt at the very top of a particular page including all includes it gets that error..as there is other code i am not aware of using session.

The page which gets the error is not using my code though so is it becuase a session gets set on the server which means it causes the error?

Is there a good tutorial explaining session variables for php and conflicting uses.
thanks

mojito

[ober]

That error means that their is either white space or HTML or some other output being created before you call session_start().

[wildteen88]

The output occured around line 22 in [b]header.php[/b] and the error was triggered in [b]main.php[/b] on line 4.

If you could post lines 15 - 25 from header.php here and lines 1 - 6 from main.php here too we'll be able to help you alot more.

You are getting that error message becuase there is output before the use of the session_start() was called. You cannot output any html/text/whitespace before the use of session_start.

[mojito]

[!--quoteo(post=376377:date=May 23 2006, 04:01 PM:name=wildteen88)--][div class=\'quotetop\']QUOTE(wildteen88 @ May 23 2006, 04:01 PM) [snapback]376377[/snapback][/div][div class=\'quotemain\'][!--quotec--]
The output occured around line 22 in [b]header.php[/b] and the error was triggered in [b]main.php[/b] on line 4.

If you could post lines 15 - 25 from header.php here and lines 1 - 6 from main.php here too we'll be able to help you alot more.

You are getting that error message becuase there is output before the use of the session_start() was called. You cannot output any html/text/whitespace before the use of session_start.
[/quote]

4, /*session_start('PHPSESSID');
5, session_register("session");*/

removed then removes the error. but they are needed in this script for authentication. The problem is someone has included this file here as a hack to get the db working and vars available etc but there is a lot of html which comes before this include, so yes i see why it is broken.

What I WANTED TO KNOW WAS (sorry) what happens to the sessions if the browser is closed etc, i thought they are killed automatic but they exist on the server right? so how can i be sure to get rid of all session info and if register globals is on.

thanks.

[wildteen88]

Yes the sesion data is stored in a private folder usually the tmp folder. However if the browser is closed and the user didn't logout when they left. When they come back to your site in a new browser window PHP will issue a new session to that user.

You cannot delete the session files yourself unless you have access to the folder in which they are stored in.