完全销毁会话的最佳方法-即使未关闭浏览器 [英] Best way to completely destroy a session - even if the browser is not closed

问题描述

够了

session_start();   //  Must start a session before destroying it

if (isset($_SESSION))
{
    unset($_SESSION);
    session_unset();
    session_destroy();
}

当用户从菜单中选择Log out却不退出浏览器时?我想完全删除会话和$_SESSION

when the user selects Log out from a menu, but does not quit his browser? I want to totally remove all existence of the session and $_SESSION

推荐答案

根据

According to the manual, there's more to do:

为了完全终止会话，就像注销用户一样，还必须取消设置会话ID.如果使用cookie传播会话ID(默认行为)，则必须删除会话cookie. setcookie()可以用于此目的.

In order to kill the session altogether, like to log the user out, the session id must also be unset. If a cookie is used to propagate the session id (default behavior), then the session cookie must be deleted. setcookie() may be used for that.

手动链接提供了有关如何执行此操作的完整示例.从那里被盗:

The manual link has a full working example on how to do that. Stolen from there:

<?php
// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();

// Unset all of the session variables.
$_SESSION = array();

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
}

// Finally, destroy the session.
session_destroy();
?>

这篇关于完全销毁会话的最佳方法-即使未关闭浏览器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！