Best way to completely destroy a session - even if the browser is not closed

php

Solution 1:

According to the manual, there's more to do:

In order to kill the session altogether, like to log the user out, the session id must also be unset. If a cookie is used to propagate the session id (default behavior), then the session cookie must be deleted. setcookie() may be used for that.

The manual link has a full working example on how to do that. Stolen from there:

<?php
// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();

// Unset all of the session variables.
$_SESSION = array();

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
}

// Finally, destroy the session.
session_destroy();
?>

Related

What does an assignment expression evaluate to in Java?
Running multiple launch configurations at once
Create a new line in Java's FileWriter
Is there a way to have content from an IFRAME overflow onto the parent frame?
JavaScript get TextArea input via .value or .innerHTML?
CSS :before on inline SVG
Fixed position navbar obscures anchors [duplicate]
FirebaseApp with name [DEFAULT] doesn't exist
Array Type - Rules for assignment/use as function parameter
Handle git branching for test and production
Can't throw error from within an async promise executor function
how to update an entity in Entity Framework 4 .NET