<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title>Destroys all data registered to a session</title> </head> <body><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="function.session-decode.html">session_decode</a></div> <div class="next" style="text-align: right; float: right;"><a href="function.session-encode.html">session_encode</a></div> <div class="up"><a href="ref.session.html">Session Functions</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div><hr /><div id="function.session-destroy" class="refentry"> <div class="refnamediv"> <h1 class="refname">session_destroy</h1> <p class="verinfo">(PHP 4, PHP 5, PHP 7)</p><p class="refpurpose"><span class="refname">session_destroy</span> — <span class="dc-title">Destroys all data registered to a session</span></p> </div> <div class="refsect1 description" id="refsect1-function.session-destroy-description"> <h3 class="title">Description</h3> <div class="methodsynopsis dc-description"> <span class="type">bool</span> <span class="methodname"><strong>session_destroy</strong></span> ( <span class="methodparam">void</span> )</div> <p class="simpara"> <span class="function"><strong>session_destroy()</strong></span> destroys all of the data associated with the current session. It does not unset any of the global variables associated with the session, or unset the session cookie. To use the session variables again, <span class="function"><a href="function.session-start.html" class="function">session_start()</a></span> has to be called. </p> <blockquote class="note"><p><strong class="note">Note</strong>: <span class="simpara"> You do not have to call <span class="function"><strong>session_destroy()</strong></span> from usual code. Cleanup $_SESSION array rather than destroying session data. </span> </p></blockquote> <p class="para"> In order to kill the session altogether, the session ID must also be unset. If a cookie is used to propagate the session ID (default behavior), then the session cookie must be deleted. <span class="function"><a href="function.setcookie.html" class="function">setcookie()</a></span> may be used for that. </p> <p class="para"> When <a href="session.configuration.html#ini.session.use-strict-mode" class="link">session.use_strict_mode</a> is enabled. You do not have to remove obsolete session ID cookie because session module will not accept session ID cookie when there is no data associated to the session ID and set new session ID cookie. Enabling <a href="session.configuration.html#ini.session.use-strict-mode" class="link">session.use_strict_mode</a> is recommended for all sites. </p> <div class="warning"><strong class="warning">Warning</strong> <p class="para"> Immediate session deletion may cause unwanted results. When there is concurrent requests, other connections may see sudden session data loss. e.g. Requests from JavaScript and/or requests from URL links. </p> <p class="para"> Although current session module does not accept empty session ID cookie, but immediate session deletion may result in empty session ID cookie due to client(browser) side race condition. This will result that the client creates many session ID needlessly. </p> <p class="para"> To avoid these, you must set deletion time-stamp to $_SESSION and reject access while later. Or make sure your application does not have concurrent requests. This applies to <span class="function"><a href="function.session-regenerate-id.html" class="function">session_regenerate_id()</a></span> also. </p> </div> </div> <div class="refsect1 returnvalues" id="refsect1-function.session-destroy-returnvalues"> <h3 class="title">Return Values</h3> <p class="para"> Returns <strong><code>TRUE</code></strong> on success or <strong><code>FALSE</code></strong> on failure. </p> </div> <div class="refsect1 examples" id="refsect1-function.session-destroy-examples"> <h3 class="title">Examples</h3> <p class="para"> <div class="example" id="example-5959"> <p><strong>Example #1 Destroying a session with <var class="varname"><var class="varname"><a href="reserved.variables.session.html" class="classname">$_SESSION</a></var></var></strong></p> <div class="example-contents"> <div class="phpcode"><code><span style="color: #000000"> <span style="color: #0000BB"><?php<br /></span><span style="color: #FF8000">// Initialize the session.<br />// If you are using session_name("something"), don't forget it now!<br /></span><span style="color: #0000BB">session_start</span><span style="color: #007700">();<br /><br /></span><span style="color: #FF8000">// Unset all of the session variables.<br /></span><span style="color: #0000BB">$_SESSION </span><span style="color: #007700">= array();<br /><br /></span><span style="color: #FF8000">// If it's desired to kill the session, also delete the session cookie.<br />// Note: This will destroy the session, and not just the session data!<br /></span><span style="color: #007700">if (</span><span style="color: #0000BB">ini_get</span><span style="color: #007700">(</span><span style="color: #DD0000">"session.use_cookies"</span><span style="color: #007700">)) {<br /> </span><span style="color: #0000BB">$params </span><span style="color: #007700">= </span><span style="color: #0000BB">session_get_cookie_params</span><span style="color: #007700">();<br /> </span><span style="color: #0000BB">setcookie</span><span style="color: #007700">(</span><span style="color: #0000BB">session_name</span><span style="color: #007700">(), </span><span style="color: #DD0000">''</span><span style="color: #007700">, </span><span style="color: #0000BB">time</span><span style="color: #007700">() - </span><span style="color: #0000BB">42000</span><span style="color: #007700">,<br /> </span><span style="color: #0000BB">$params</span><span style="color: #007700">[</span><span style="color: #DD0000">"path"</span><span style="color: #007700">], </span><span style="color: #0000BB">$params</span><span style="color: #007700">[</span><span style="color: #DD0000">"domain"</span><span style="color: #007700">],<br /> </span><span style="color: #0000BB">$params</span><span style="color: #007700">[</span><span style="color: #DD0000">"secure"</span><span style="color: #007700">], </span><span style="color: #0000BB">$params</span><span style="color: #007700">[</span><span style="color: #DD0000">"httponly"</span><span style="color: #007700">]<br /> );<br />}<br /><br /></span><span style="color: #FF8000">// Finally, destroy the session.<br /></span><span style="color: #0000BB">session_destroy</span><span style="color: #007700">();<br /></span><span style="color: #0000BB">?></span> </span> </code></div> </div> </div> </p> </div> <div class="refsect1 notes" id="refsect1-function.session-destroy-notes"> <h3 class="title">Notes</h3> <blockquote class="note"><p><strong class="note">Note</strong>: <p class="para"> Only use <span class="function"><a href="function.session-unset.html" class="function">session_unset()</a></span> for older deprecated code that does not use <var class="varname"><var class="varname"><a href="reserved.variables.session.html" class="classname">$_SESSION</a></var></var>. </p> </p></blockquote> </div> <div class="refsect1 seealso" id="refsect1-function.session-destroy-seealso"> <h3 class="title">See Also</h3> <p class="para"> <ul class="simplelist"> <li class="member"><a href="session.configuration.html#ini.session.use-strict-mode" class="link">session.use_strict_mode</a></li> <li class="member"><span class="function"><a href="function.session-reset.html" class="function" rel="rdfs-seeAlso">session_reset()</a> - Re-initialize session array with original values</span></li> <li class="member"><span class="function"><a href="function.session-regenerate-id.html" class="function" rel="rdfs-seeAlso">session_regenerate_id()</a> - Update the current session id with a newly generated one</span></li> <li class="member"><span class="function"><a href="function.unset.html" class="function" rel="rdfs-seeAlso">unset()</a> - Unset a given variable</span></li> <li class="member"><span class="function"><a href="function.setcookie.html" class="function" rel="rdfs-seeAlso">setcookie()</a> - Send a cookie</span></li> </ul> </p> </div> </div><hr /><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="function.session-decode.html">session_decode</a></div> <div class="next" style="text-align: right; float: right;"><a href="function.session-encode.html">session_encode</a></div> <div class="up"><a href="ref.session.html">Session Functions</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div></body></html>