phdphd Posted September 5, 2017 Share Posted September 5, 2017 Hi All,A few weeks ago, as part of a logout process, I implemented Jacques1's "Terminating the session correctly" procedure (https://forums.phpfreaks.com/topic/287744-secure-login-strongest-session-ids-and-secure-site-navigation/).Anytime I used it, it worked perfectly. But today I once got the warning "Session object destruction failed in .... on line XX", "XX" being the line for "session_destroy();".Since then, I tried to reproduce the error, but the logout process works again as expected.1. Any idea of the reason for this "single" failure ?2. Would inserting "session_regenerate_id();" before "session_destroy();" really be a solution, as suggested here?Thanks ! Link to comment Share on other sites More sharing options...
requinix Posted September 6, 2017 Share Posted September 6, 2017 It happens when the session data could not be deleted. You're probably using regular session files, so that means the file couldn't be deleted: it may have been already (somehow), or maybe permissions were messed up, or perhaps the file was locked because PHP was still using it (I don't know about that one). Adding session_regenerate_id() will only cover up the problem by switching the session ID to something else just before you delete it. Extra work for no gain. Link to comment Share on other sites More sharing options...
phdphd Posted September 6, 2017 Author Share Posted September 6, 2017 Thanks! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.