What exactly does session_unset() do?
Moderator: General Moderators
What exactly does session_unset() do?
What exactly does session_unset() do?
php.net says "The session_unset() function frees all session variables currently registered." I guess I need this translated. I'm not sure what "frees" means in this context.
Does this mean it unsets all session variables? If so, is there any difference between this function and $_SESSION = array(); ?
Thanks,
J
php.net says "The session_unset() function frees all session variables currently registered." I guess I need this translated. I'm not sure what "frees" means in this context.
Does this mean it unsets all session variables? If so, is there any difference between this function and $_SESSION = array(); ?
Thanks,
J
- novice4eva
- Forum Contributor
- Posts: 327
- Joined: Thu Mar 29, 2007 3:48 am
- Location: Nepal
Re: What exactly does session_unset() do?
did you try it out???
Re: What exactly does session_unset() do?
session_unset will unset all the variables. if you are trying this for logout functionality , you could add session_destroy() also just to be on the safer side. could you elaborate on what exactly you are trying to do?
Re: What exactly does session_unset() do?
Yes. Thanks for the helpful post.novice4eva wrote:did you try it out???
@miyur Thanks. A discussion about how best to log out users is what sparked my interest in this, but at this point I really just wanted more information on session_unset.
I was hoping to get a more elaborate explanation. Notice how unset() and session_unset() are described differently below. Perhaps I am reading too much into it. If session_unset was described as "unset all session variables" or "destroy all session variables" I may not have asked the question.
unset from PHP.net:
unset — Unset a given variable
Description
void unset ( mixed $var [, mixed $var [, mixed $... ]] )
unset() destroys the specified variables.
session_unset from PHP.net:
session_unset — Free all session variables
Description
void session_unset ( void )
The session_unset() function frees all session variables currently registered.
If you read the user comments on the session_unset page there is a lot of talk about destroying sessions in order to log people out. There is even code that calls session_unset and then $_SESSION = array() afterwords. Its my experience that these two things do exactly the same thing.
Here is some code I experimented with:
Code: Select all
<?php
error_reporting(E_ALL);
session_start();
$_SESSION['test'] = 'test';
print_r($_SESSION);
session_unset();
//$_SESSION = array();
echo $_SESSION['test'];
print_r($_SESSION);
exit;- novice4eva
- Forum Contributor
- Posts: 327
- Joined: Thu Mar 29, 2007 3:48 am
- Location: Nepal
Re: What exactly does session_unset() do?
Firstly glad to be some help
Then, I had no intention to offend you, sorry if i did so.
session_unset and $_SESSION=array() have slight differences.
If you look at session_destroy, you will be notified that session_unset is used for older deprecated code that does not use $_SESSION, but this is still usable maybe for backward compatibilty.
session_unset and session_destroy are not similar either while function unset is more for killing particular session value.
This may help.
What would come as a surprise to me is, session_destroy will not clear the session in the calling page itself BUT if you move on to next page(or reload the page), the sessions are all destroyed. Same was the case for session_unset if it was called in some other page. I.E. try this and tell us what you get:
So i think it would be advisable for you to either do session_destroy/session_unset followed immediately by a redirect(or else session values are still availble for the code that follows), or yes $_SESSION=array() since this will cause the session to be empty array from that point onward.
Peace...coz we need it a lot
Then, I had no intention to offend you, sorry if i did so.
session_unset and $_SESSION=array() have slight differences.
If you look at session_destroy, you will be notified that session_unset is used for older deprecated code that does not use $_SESSION, but this is still usable maybe for backward compatibilty.
session_unset and session_destroy are not similar either while function unset is more for killing particular session value.
This may help.
Code: Select all
//file test1.php
session_start();
$_SESSION['session1'] = 'xyz';
$_SESSION['session2'] = 'abc';
$_SESSION['session3'] = '123';
echo '<pre>';
print_r($_SESSION);
echo '</pre>';
/*
Array
(
[session1] => xyz
[session2] => abc
[session3] => 123
)
*/
unset($_SESSION['session1']);//unset($_SESSION) cannot be done
echo '<pre>';
print_r($_SESSION);
echo '</pre>';
/*
Array
(
[session2] => deewen
[session3] => deewen
)
*/
session_destroy();
echo '<pre>';
print_r($_SESSION);
echo '</pre>';
/*
Array
(
[session2] => abc
[session3] => 123
)
*/
session_unset();
echo '<pre>';
print_r($_SESSION);
echo '</pre>';
/*
Array
(
)
*/
Code: Select all
//file test1.php
session_start();
$_SESSION['session1'] = 'xyz';
$_SESSION['session2'] = 'abc';
$_SESSION['session3'] = '123';
?>
<?php
//file test2.php
session_start();
session_unset();
echo '<pre>';
print_r($_SESSION);
echo '</pre>';
/*
Array
(
[session1] => xyz
[session2] => abc
[session3] => 123
)
*/
Peace...coz we need it a lot
Re: What exactly does session_unset() do?
No worries. Thanks for the good post. The code you posted was easy to follow and helpful.novice4eva wrote:Firstly glad to be some help![]()
Then, I had no intention to offend you, sorry if i did so.
Peace...coz we need it a lot
So to sum up, if one would like to clear/delete/free/destroy all session variables, but not the session itself, one should do what (PHP5+) ?
session_unset() or $_SESSION = array()?
Or maybe it doesn't matter...
Thanks again,
J
- novice4eva
- Forum Contributor
- Posts: 327
- Joined: Thu Mar 29, 2007 3:48 am
- Location: Nepal
Re: What exactly does session_unset() do?
Humm this is rather confusing, clear/delete/free/destroy all session variables = free session itself, but this doesn't mean we can't use session variables there after, we just lose out all the values the session was holding.JasonDFR wrote: So to sum up, if one would like to clear/delete/free/destroy all session variables, but not the session itself, one should do what (PHP5+) ?
I would say almost same, but as you can see in the previous post, i you set some session variables in one page and do session_unset() in another, the sessions will be unavailable for that page for that instant, but not after you reload the page. OK this is what i got in my comp when i tried things out.JasonDFR wrote: session_unset() or $_SESSION = array()?
Lets say you logged in and i saved your name in a session in a page called "login.php".
So this is how is goes:
Code: Select all
//file:login.php
session_start();
//If login successfull
$_SESSION['USR_NAME']='JasonDFR';
//then redirect to helloUser.php page.
Code: Select all
//file:helloUser.php
session_start();
if(isset($_SESSION['USR_NAME']))
echo 'hi there '.$_SESSION['USR_NAME'];
else
//redirect to login page, user is not there
Code: Select all
//file:logout.php
session_start();
session_unset();//or session_destroy
if(isset($_SESSION['USR_NAME']))
echo 'eii session still not destroyed for the user'.$_SESSION['USR_NAME'];
else
echo 'ya session cleared';
Code: Select all
//file:logout.php
session_start();
session_unset();//or session_destroy
//redirect to login page, coz a redirect would then clear up the session values after session_unset
Code: Select all
//file:helloUser.php
session_start();
if($_GET['log_me_out']==1)
session_unset();
if(isset($_SESSION['USR_NAME']))
echo 'hi there '.$_SESSION['USR_NAME'];
else
//redirect to login page, user is not there
But i believe session_destroy is more often used than session_unset, i generally use session_destroy, but i seriously didn't know that session_destroy will still not flush the data until a refresh...maybe coz i always did redirects after a session_destroy!!
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
Re: What exactly does session_unset() do?
$_SESSION = array() will have the same end-result as using session_unset()... the internals of what is going on may be different but it won't impact on your development.
The reason session_destroy() doesn't empty the session on the current request is because it's only deleting the file contents for the session (i.e. the persistent storage for it... be it a row in a database, or a file on disk). The variables that were already created during the request will remain in memory.
When you do $_SESSION = array(), the session is emptied in memory, and then at the end of the request when session_write_close() is triggered the emptied session is persisted (having the same result as session_unset() has, though session_unset() probably commits the changes immediately rather than as the script is shutting down).
The reason session_destroy() doesn't empty the session on the current request is because it's only deleting the file contents for the session (i.e. the persistent storage for it... be it a row in a database, or a file on disk). The variables that were already created during the request will remain in memory.
When you do $_SESSION = array(), the session is emptied in memory, and then at the end of the request when session_write_close() is triggered the emptied session is persisted (having the same result as session_unset() has, though session_unset() probably commits the changes immediately rather than as the script is shutting down).