0
0
PHPprogramming~10 mins

Destroying sessions in PHP - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Concept Flow - Destroying sessions
Start session
Unset session variables
Destroy session data
Delete session cookie
Session destroyed, user logged out
This flow shows how PHP destroys a session by unsetting variables, destroying data, and deleting the cookie.
Execution Sample
PHP
<?php
session_start();
$_SESSION['user'] = 'Alice';

// Destroy session
session_unset();
session_destroy();

// Delete session cookie
if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
}
?>
Starts a session, sets a user, then unsets and destroys the session, and deletes the session cookie.
Execution Table
StepActionSession VariablesSession StatusOutput
1session_start()[]ActiveSession started
2$_SESSION['user'] = 'Alice'{'user': 'Alice'}ActiveUser set in session
3session_unset()[]ActiveSession variables cleared
4session_destroy()[]DestroyedSession destroyed
5Delete session cookie[]DestroyedSession cookie deleted
6End[]No active sessionSession fully removed
💡 Session destroyed and variables cleared, no active session remains
Variable Tracker
VariableStartAfter 1After 2After 3After 4After 5Final
$_SESSION[][]{'user': 'Alice'}[][][][]
Session StatusInactiveActiveActiveActiveDestroyedDestroyedNo active session
Key Moments - 2 Insights
Why do we call session_unset() before session_destroy()?
session_unset() clears all session variables but keeps the session active. session_destroy() removes the session data on the server. Both are needed to fully clear session info as shown in steps 3 and 4.
Does session_destroy() delete the session cookie automatically?
No, session_destroy() removes session data on the server but does not delete the cookie on the browser. You must delete the cookie manually if you want to remove it.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution table, what is the state of $_SESSION after step 3?
AEmpty array []
B{'user': 'Alice'}
CSession destroyed
DSession inactive
💡 Hint
Check the 'Session Variables' column at step 3 in the execution table.
At which step does the session become destroyed?
AStep 2
BStep 3
CStep 4
DStep 5
💡 Hint
Look at the 'Session Status' column to find when it changes to 'Destroyed'.
If you want to remove the session cookie from the browser, what should you do?
ACall session_unset()
BManually delete the cookie with setcookie()
CCall session_destroy()
DNothing, it deletes automatically
💡 Hint
Refer to the key moment about session_destroy() and cookie deletion.
Concept Snapshot
PHP sessions store user data on the server.
Use session_start() to begin.
Use session_unset() to clear variables.
Use session_destroy() to remove session data.
Delete session cookie manually to remove from browser.
This fully logs out the user.
Full Transcript
This visual execution shows how PHP destroys sessions step-by-step. First, session_start() activates the session. Then, a session variable 'user' is set to 'Alice'. Calling session_unset() clears all session variables but keeps the session active. Next, session_destroy() removes the session data on the server, marking the session as destroyed. Finally, the session cookie is deleted manually to fully remove the session from the browser. This process ensures the user is fully logged out and session data is cleared.