tags:

views:

47

answers:

2
Q: 

How to unset the session in PHP Using Javascript?

How to unset the session in PHP Using Javascript?

+2  A: 

You can't do it directly using JavaScript as the session is handled solely by the server; you'll need to do an Ajax call to a PHP script that unsets the session.

BoltClock  2010-06-17 09:26:17
If the cookies aren't HTTP only you could modify them with javascript right? If so, that would kill the session.
Graphain  2010-06-17 09:28:44
@Graphain: Good point. You'd still to send something to the server to let it know the cookie is gone though.
BoltClock  2010-06-17 09:54:03
@BoltClock technically, the server does not need to know the cookie is gone. If the session storage is not touched, it will be garbage collected after session.gc_maxlifetime seconds
Gordon  2010-06-17 10:04:41
+4  A: 

Kill the Session Cookie.

Gordon  2010-06-17 09:26:32
how?????????????
OM The Eternity  2010-06-17 09:27:04
If you don't know how to use cookies in PHP you should not be anywhere near sessions.
Graphain  2010-06-17 09:29:00
...this is the "dirty way" while BoltClock has the "clean way". Which one will you choose? ;-)
Palantir  2010-06-17 09:29:16
@Palantir Granted, it does not *immediately* unset the session on the server, but if the server cannot identify the session from the request anymore, the session will time out sooner or later.
Gordon  2010-06-17 09:57:40
@Gordon: I used the word "dirty" to imply a hack. If you create a session with session_start, you are supposed to kill it with a timeout, or a session_destroy, to be future-proof (in case something changes in the future versions of PHP, for example if they start using flash cookies instead of normal ones). You are overriding PHP's mechanism, so this is the reason I believe this is a hack. This said, killing the cookie will work for sure, unless he is passing PHP using SIDs on query strings, but who is doing that anyway? is PHP still falling back to it, if cookies are disabled?
Palantir  2010-06-17 11:51:11
@Palantir I wouldn't call it a hack. When the `session.cookie_lifetime` expires regularly it is not informing the server about that either. It's just gone, while the storage on the server is still there until it gets gc'd. just like `session_destroy()` would remove the session data but not unset the cookie. It just depends on what you wanna do: delete the session data or delete the link to it (or both).
Gordon  2010-06-17 12:33:09

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases