Jump to content


Photo

Session: destroying the sessions & sessions' tmp file...


  • Please log in to reply
3 replies to this topic

#1 fletchsod

fletchsod
  • Members
  • PipPip
  • Member
  • 13 posts

Posted 06 June 2006 - 09:39 PM

Everytime the session_destory() is issued, the /tmp/sess_*** files with the same session_id() are still there...

Why does it not get destroyed?? How do we properly destroy it? I sometime wonder about trying to destroy the sessions in the memory as well (via session.save_handlers = "mm")...

This is what I get...

--snip--
Warning: Session object destruction failed in php_library.inc on line 126
--snip--

Thanks,
Scott

#2 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 07 June 2006 - 11:04 AM

You cannot delete or remove the session file generated with session_destroy. session_destory clears all the contents that is in the session file.

Also when you destroy the session you can use the [a href=\"http://uk2.php.net/manual/en/function.session-regenerate-id.php\" target=\"_blank\"]session_regenerate_id[/a] function which regenerate the session id, therefore when the session is destroyed the old session_id is invalid.

#3 fletchsod

fletchsod
  • Members
  • PipPip
  • Member
  • 13 posts

Posted 07 June 2006 - 02:57 PM

Interesting... I have read reports that some php developers had successfully destory the tmp session file via "session_destory()" command...

#4 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 07 June 2006 - 03:18 PM

I suspect that they have used the [a href=\"http://uk.php.net/manual/en/function.session-set-save-handler.php\" target=\"_blank\"]session_set_save_handler[/a] functiion which allows you to define how you want session_destory to react when called. Such as it deletes the session file, rather than clearing contents of the file. In order to delete the session you need to make sure you have the correct permission set on both the folder that stores the session files and the session file it self you are about to delete.

Thats probably they did it.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users