Menu
In the PHP documentation for session_unset() there is no hint that this function is deprecated so I think it's fine to use it. But then I read through the documentation about session_destroy() where I found this hint:
Note: Only use session_unset() for older deprecated code that does not use $_SESSION.
I know that the session_unset() function is an equivalent for $_SESSION = array();. So what should I use now? Why is on one site a hint that this function is deprecated but on the other hand in the documentation about the function itselfs there is not deprecated note. What's the truth about this function now?
686
Do NOT unset the whole $_SESSION with unset ($_SESSION) as this will disable the registering of session variables through the $_SESSION superglobal. Only use session_unset () for older deprecated code that does not use $_SESSION .
You can unset session variable using: 1 session_unset - Frees all session variables (It is equal to using: $_SESSION = array (); for older deprecated code) 2 unset ($_SESSION ['Products']); - Unset only Products index in session variable. ( Remember: You have to use like a... 3 session_destroy — Destroys all data registered to a session More ...
session_unset just clears out the session for usage. The session is still on the users computer. Note that by using session_unset, the variable still exists. session_unset just remove all session variables. it does not destroy the session....so the session would still be active. Using session_unset in tandem with session_destroy however, ...
If $_SESSION is used, use unset () to unregister a session variable, i.e. unset ($_SESSION ['varname']); . Do NOT unset the whole $_SESSION with unset ($_SESSION) as this will disable the registering of session variables through the $_SESSION superglobal. Only use session_unset () for older deprecated code that does not use $_SESSION .
I don't know the exact reason, too, but it can be found here I guess: https://github.com/php/php-src/blob/master/ext/session/session.c
PHP handles variables in ZVAL pointers and I think they just wanted the _SESSION superglobal to be handled the same way as any other variable, and not with a "special" command session_unset().
Another benefit is better garbage collection handling I think.
Sometimes, "deprecated" does not mean its a bad function, but you should not use it because code might be removed in future packages simply because it is not neccessary.
51
If you want to close the session you must use session_destroy().
session_destroy();
If you want to clear the variables of the session you must use:
$_SESSION = array();
And if you want to clear only one variable of the session you must use:
unset($_SESSION['example']);
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With