Home/ Questions/Q 6762823
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T14:24:17+00:00

I have searched many questions regarding session_destroy and the often response from the answerers

  • 0

I have searched many questions regarding session_destroy and the often response from the answerers involve quoting directly from the PHP manual which states the following:

session_destroy() destroys all of the data associated with the current
session. It does not unset any of the global variables associated with
the session, or unset the session cookie. To use the session variables
again, session_start() has to be called.

In order to kill the session altogether, like to log the user out, the
session id must also be unset. If a cookie is used to propagate the
session id (default behavior), then the session cookie must be
deleted. setcookie() may be used for that.

In a question asking “What is the difference between session_unset() and session_destroy() in PHP?“, the answerer mentions about $_SESSION variable and session storage but never go deep enough.

I think a lot of confusion arising from the function session_destroy is due to the lack of understanding regarding session data and mixing it up with $_SESSION variable. I would like to know what is the actual purpose of session data if $_SESSION variable already contains that data?

Thanks.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Simplified answer:

    The purpose for $_SESSION is to store data that you (as the web application developer) would like to have preserved across page loads. Thus, you can set flags in your login script such as logged_in to check if the user is logged in, and on any other page check $_SESSION['logged_in'] == true, instead of querying for that information.

    Your OP seems to assume that data is automagically present in $_SESSION. You as the developer determine what is placed in $_SESSION, it is not done for you.

    Hope this helps.

    Edit: I see. The data in the file stored at session.save_path is where PHP saves the information you store into the $_SESSION array. This is how PHP can reload the $_SESSION data across page loads. So, when a script begins execution and calls session_start, PHP fetches the appropriate data from the file at session.save_path and loads it into $_SESSION.

    At the start of a page’s execution, the data in session.save_path and $_SESSION are identical. However, the script may add or remove data from $_SESSION, which will eventually cause the file at session.save_path to be updated so that it reflects the changes made to $_SESSION.

    • 0