PHP 8.4.2 Released!

session_unset

(PHP 4, PHP 5, PHP 7, PHP 8)

session_unsetFree all session variables

Опис

session_unset(): bool

The session_unset() function frees all session variables currently registered.

Параметри

У цієї функції немає параметрів.

Значення, що повертаються

Повертає true у разі успіху або false в разі помилки.

Журнал змін

Версія Опис
7.2.0 The return type of this function is bool now. Formerly, it has been void.

Примітки

Зауваження:

If $_SESSION is used, use unset() to unregister a session variable, i.e. unset($_SESSION['varname']);.

Застереження

Do NOT unset the whole $_SESSION with unset($_SESSION) as this will disable the registering of session variables through the $_SESSION superglobal.

Зауваження:

The use of session_unset() is identical to $_SESSION = [].

Застереження

This function works only if a session is active. It will not clear the $_SESSION array if the session has not been started yet or has already been destroyed. Use $_SESSION = [] to unset all session variables even if the session is not active.

add a note

User Contributed Notes 3 notes

up
39
tim at leethost dot com
12 years ago
I was having a problem clearing all session variables, deleting the session, and creating a new session without leaving old session stuff behind in all browsers. The below code is perfect for a logout script to totally delete everything and start new. It even works in Chrome which seems to not work as other browsers when trying do logout and start a new session.

<?php
session_start
();
session_unset();
session_destroy();
session_write_close();
setcookie(session_name(),'',0,'/');
session_regenerate_id(true);
?>
up
25
jerry
9 years ago
The difference between both session_unset and session_destroy is as follows:

session_unset just clears out the session for usage. The session is still on the users computer. Note that by using session_unset, the variable still exists. session_unset just remove all session variables. it does not destroy the session....so the session would still be active.

Using session_unset in tandem with session_destroy however, is a much more effective means of actually clearing out data. As stated in the example above, this works very well, cross browser. session_destroy is destroy the session. session_destroy() to kill all session information.....This is the more secure function to use.
up
0
christian+php at
5 months ago
The solution provided by tim at leethost dot com is nice but you must check a active session first, because else you fill the logs with PHP Errors or Notices depending on your settings. I use it as a function, and it works smooth.

```php
/** @return void */
public static function sayonara():void
{
if (session_status() !== PHP_SESSION_ACTIVE) :void
{
session_start();
session_unset();
session_destroy();
session_write_close();
setcookie(session_name(), '', 0, '/');
session_regenerate_id(true);
}
}

sayonara();
```
To Top