Jump to content

[SOLVED] Best practice with sessions...


CloudSex13

Recommended Posts

Hi, thanks for reading.

 

I did a bit of research here and there and learned a bit further into PHP sessions and PHPSESSID.

 

I wanted to know why the following code:

 

$PHPSESSID = session_id();
unset($PHPSESSID);
session_destroy();

 

...will not unset the PHPSESSID, and why PHPSESSID will not disappear when the page is closed by the user...

 

Is that normal?

Link to comment
https://forums.phpfreaks.com/topic/153883-solved-best-practice-with-sessions/
Share on other sites

Thanks Crayon Violent for the help.

 

I'm trying out using a session cookie instead of a persistent cookie, and am finding trouble on how to destroy that session cookie when a user clicks logout.php.

 

My logout.php code has:

 

session_start();

unset($_COOKIE['cookiename']);
session_unset();
session_destroy();

 

Am I forgetting something? :/

A session uses a cookie to store the session id for session vars.  the vars/values are actually stored on the server.  But it doesn't even need the cookie to run the session.  You can pass the session id other ways, if cookies aren't allowed.  That's the only thing that cookies have anything to do with sessions.

 

$_COOKIE is not related to session variables. you delete a cookie by resetting it with an expiration date of sometime in the past. 

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.