May 2, 2008 - PHP    6 Comments

Destroy or Delete all session variables in PHP

Sometimes I have seen that coders forges to delete all session variables when the user logs out or sign out. This can be dangerous since this is a security hole. From my own experience I have seen that the session variables may appear even after the sign out. I myself have seen this. This may happen because several people write codes in several ways. But what is important we must delete all session variables when the user signs out.

So, how can we delete all session variables and stop the session variables appear accidentally even after sign out?

Well. We can do it using only 3 lines of code and this is very easy too!

Add these following 3 lines of codes in your sign out code and all your session variables are destroyed!

But if you want to delete the session itself too, you need to add a few lines. So the final code will look like this.

Thus, we can destroy our session variables and keep the user secured one way.
