session destroy

Forum Moderators: coopster

Message Too Old, No Replies

session destroy

Lolalola

9:28 pm on Jul 14, 2009 (gmt 0)

When I am using one session all right.
But now I have 4 sessions and if they click the Log Out error is thrown:

Warning: session_destroy() [function.session-destroy]: Session object destruction failed in D:\wamp\www\index2.php on line 25

25 row:
session_destroy();

My code:


if(isset($_GET['Logout'])) {
  $query = 'UPDATE user SET
  time = "0000:00:00:00:00:00" WHERE user = "'.$_SESSION['name'].'"';
  $sql = mysql_query($query, $db_link) or die("Error");  session_destroy();
  echo "<meta http-equiv='refresh' content='1;URL=index.php'>";
  exit;
}echo '<a href=?Logout>Logout</a>';

Does not understand what it's bad.
Thanks in advance for the help

NomikOS

3:02 am on Jul 15, 2009 (gmt 0)

is not that easy work with sessions.

this is mandatory before use sessions (if you are getting $_SESSION['name']) is already done.
session_start();

first destroy all variables used
session_unset();
$_SESSION = array();

if use a cookie for propagate destroy it too
setcookie(session_name(), '');

finally
session_destroy();

penders

9:34 am on Jul 15, 2009 (gmt 0)

NomikOS: first destroy all variables used
session_unset();
$_SESSION = array();

PHP Manual - session_destroy() [uk2.php.net]

Note: Only use session_unset() for older deprecated code that does not use $_SESSION.

Lolalola: When I am using one session all right.
But now I have 4 sessions

Do you mean 4 variables within one session? Rather than 4 entirely separate sessions?

Lolalola

10:29 am on Jul 15, 2009 (gmt 0)

4 individual sessions:

$_SESSION['level']
$_SESSION['pass']
$_SESSION['name']
$_SESSION['favorite']

penders

11:32 am on Jul 15, 2009 (gmt 0)

4 individual sessions:

$_SESSION['level'] 
$_SESSION['pass'] 
$_SESSION['name'] 
$_SESSION['favorite']

That looks like 1 session, containing 4 session variables. In which case NomikOS's suggestion above should be all that's required (minus the

session_unset()

statement).

abidshahzad4u

1:40 pm on Jul 15, 2009 (gmt 0)

This is one session have four session variables.

You can destroy variables like unset($_SESSION["level"]) or $_SESSION["pass"]=""

Remember to use session_start() at the start of page.

jatar_k

2:16 pm on Jul 15, 2009 (gmt 0)

I think you'll find that you get this error when the session doesn't exist, possible fixes to resolve this warning

check you are using session_start() (as mentioned above)

test to see whether the session exists

if (isset($_SESSION)) {
session_destroy();
}

the great lengths to wipe all possibility of data is not really required, it used to be and some sites that are oddly configured make extra lengths sometimes necessary. In general a session_destroy will do it. You can dump the session before and after to see what's left.

for the paranoid, set each var individually to blank, then destroy and then enforce good garbage collection and short logout times, I wouldn't set the cookie, just me maybe but it isn't necessary.

session destroy

Lolalola

NomikOS

penders

Lolalola

penders

abidshahzad4u

jatar_k

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week