Home/ Questions/Q 8322179
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-08T23:17:36+00:00

OK there are many simple session questions out there, but I can’t seem to

  • 0

OK there are many “simple session” questions out there, but I can’t seem to find what I’m after. It bugs me a little bit as the PHP document does not seem to explain this well.

Three fold questions.

  1. It says that session_destroy() wipes out the session data but not the global variable. So it wipes the data but the variables are still in tact? What does the documentation mean by global variables?

  2. What are the different types of ways that I can use to destroy session data, isn’t session_destroy enough? Why would you use the below coding as I’ve seen in some code examples:

    session_start();
$_SESSION = array();
session_destroy();

  3. Session seem to persist across browser instances. For example, IE9 will keep the same session id when two separate browsers are opened. Same with Chrome. Only when I close all the browsers, will I get a new session id. Is this always the case for all browsers? I want to know so that I can keep this in mind during my coding – wouldn’t want to find out later that some browsers are not persistent and my code thinks that it does, then run the risk of producing all sorts of errors.

Thanks in advance for anyone who can help me answer these questions.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team
    1. $_SESSION is the super global variable

    2. The session_destroy function is basicly enough. It deletes the session_file on the server where all session-variables are stored and removes the session-cookie. The variables are after the session_destroy call still in the memory, but changing these values has no effect (except you call session_start() again).

      But the code snippet removes the variables from the memory too. This is important if for example the application checks for $_SESSION['admin'] later in the same request to see if the user has admin rights.

      The session_start() function is needed because you need to load the session first to delete it.

    3. Sessions are not persistant across diffrent browsers, however they are persistant across all windows/tabs of the same browser. What happens if you close the browser really depends on your PHP-ini setting. session.cookie_lifetime defines how long (in seconds) the browser should keep the cookie (even after restart). If session.cookie_lifetime is set to 0 the browser deletes the session cookie when closing.

      session.gc_maxlifetime defines how long the webserver keeps the session file (without the session file the session-cookie is invalid)

    • 0