1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 3:41 am May 2, 2026

Forum Moderators: coopster

Message Too Old, No Replies

Deleting the session and/or the session cookie

What's wrong with my code?

         

MatthewHSE

6:39 pm on Sep 14, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Well, just when I thought I was beginning to get a small measure of PHP proficiency, something like this pops up. I can't seem to delete session cookies or destroy the session itself.

After studying my eyes out on php.net and reading quite a few online tutorials about sessions and cookies, I created the following code. According to my reasoning, it should have started the session and set a cookie if possible. The session id would then be assigned to a variable, regardless of whether the cookie had been set or not.

After this, I have two sets of three "echo" statements, separated by the code that I thought would delete the session. In the first set, I had expected that the session ID would be echoed on the first line, then either the second or the third line but not both. In the second set of echoes, I expected that the session ID would still be echoed on the first line, but neither the second or the third. I further expected not to find a "mysession" cookie on my computer after loading this page, since it's supposed to be deleted by the time the page is actually generated and sent to the browser.

But it's not working. Not only does the second set of echo statements still show the session ID in places where I hadn't expected it, but the cookie is still on my computer even though it should have been deleted.

<understatement> Obviously I'm doing something wrong. </understatement>

But what? I'll be jiggered if I can find a problem; most of this is borrowed code anyway!

Thanks in advance,

Matthew 

<?php 
ob_start(); 
session_name(mysession); 
session_start(); 
if (!empty($_COOKIE['mysession'])) 
 { 
  $sessionid = $_COOKIE['mysession']; 
 } 
else 
 { 
  $sessionid = SID; 
 } 
echo '$sessionid:' . $sessionid . '<br>'; 
echo '$_COOKIE[\'mysession\']' . $_COOKIE['mysession'] . '<br>'; 
echo 'SID:' . SID; 
// Delete the session and the session cookie 
$_SESSION = array(); 
if (isset($_COOKIE[session_name()])) 
 { 
  setcookie(session_name(), '', time()-42000, '/'); 
 } 
session_destroy(); 
// Seeing if it all cleared okay... 
echo '<b>Cleared...</b><br>'; 
echo '$sessionid:' . $sessionid . '<br>'; 
echo '$_COOKIE[\'mysession\']' . $_COOKIE['mysession'] . '<br>'; 
echo 'SID:' . SID; 
ob_end_flush(); 
?>

hooperleed

1:56 pm on Sep 15, 2005 (gmt 0)

10+ Year Member



I'm having similar problems, If the browser doesn't accept cookies what happens - what is the

session.use_only_cookies

parameter for if there isn't an alternative.

Looking at your example I thing the ob_flush should be
straight after the destroy:

session_destroy();

ob_end_flush();

// Seeing if it all cleared okay...
echo '<b>Cleared...</b><br>';
echo '$sessionid:' . $sessionid . '<br>';
echo '$_COOKIE[\'mysession\']' . $_COOKIE['mysession'] . '<br>';
echo 'SID:' . SID;

--

This might help.

Let me know if you make any headway.

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 3:41 am May 2, 2026