What is the difference between session_unset() and session_destroy() in PHP?
From the php.net documentation:
session_destroy — Destroys all data registered to a session
session_unset — Free all session variables
My three part question is:
The two functions seem very similar.
What is really the difference between the two?
Both seem to delete all variables registered to a session. Does any of them actually destroy the session itself? If not, how do you accomplish this (destroy the session itself).
Is it correct that neither of the two functions deletes the session cookie at the client?
session_unset just clears the $_SESSION variable. It’s equivalent to doing:
$_SESSION = array();
So this does only affect the local $_SESSION variable instance but not the session data in the session storage.
In contrast to that, session_destroy destroys the session data that is stored in the session storage (e.g. the session file in the file system).
Everything else remains unchanged.
session_destroy(); is deleting the whole session.
session_unset(); deletes only the variables from session - session still exists. Only data is truncated.
session_unset();
Just clear all data of all session variable.
session_destroy();
Remove all session.
Example:
session_start();
session_destroy();
$a = "1234";
$_SESSION[a] = $a;
$_SESSION[a]isNULL.
session_start();
session_unset();
$a = "1234";
$_SESSION[a] = $a;
$_SESSION[a]is1234.
So, I will use:
session_start();
session_destroy();
session_start();
$a = "1234";
$_SESSION[a] = $a;
session_unset() will clear the $_SESSION variable (as in array()), but it won't touch the session file. But when the script ends; the state of the $_SESSION will be written to the file. Then it will clear the file but won't delete it. When you use session_destroy() it won't touch $_SESSION (Use var_dump($_SESSION) after session_destroy()), but will delete the session file, so when script exits there won't be a file to write the state of the $_SESSION.
session_destroy() will delete the session after moving the page and session_unset() will delete session when the code is run.
I tried to use session_unset($_SESSION['session_name']) thinking it will only unset specific or individual/single session name. But using session_unset($_SESSION['session_name']) will only unset all session name. The right code to use is only unset($_SESSION['session_name']) if you want to unset a single session name.
I think session_destroy() and session_unset() should be used at the same time to make sure that session data is surely deleted.
'developer tip' 카테고리의 다른 글
| Inspecting standard container (std::map) contents with gdb (0) | 2020.09.21 |
|---|---|
| Java Thread Garbage collected or not (0) | 2020.09.21 |
| Monitor vs lock (0) | 2020.09.21 |
| 어레이 변경을 관찰하는 방법은 무엇입니까? (0) | 2020.09.21 |
| HTML5 동영상 크기 (0) | 2020.09.20 |