ConFoo 2025

session_unset

(PHP 4, PHP 5, PHP 7, PHP 8)

session_unsetDétruit toutes les variables d'une session

Description

session_unset(): bool

session_unset() détruit toutes les variables de la session courante.

Liste de paramètres

Cette fonction ne contient aucun paramètre.

Valeurs de retour

Cette fonction retourne true en cas de succès ou false si une erreur survient.

Historique

Version Description
7.2.0 Le type de retour de cette fonction est désormais booléen. Auparavant, c'était void.

Notes

Note:

Si vous utilisez $_SESSION utilisez unset() pour détruire une variable de session, i.e. unset($_SESSION['nomvariable']);.

Attention

Ne détruisez pas $_SESSION avec unset($_SESSION) car cela désactivera la possibilité d'enregistrer des variables de session à partir du tableau superglobal $_SESSION.

Note:

Utilisez seulement session_unset() pour du vieux code obsolète qui n'utilise pas $_SESSION.

Attention

Cette fonction ne fonctionne que si une session est active. Elle ne videra pas le tableau $_SESSION si la session n'a pas encore été démarrée ou si elle a déjà été détruite. Utilisez $_SESSION = [] pour supprimer toutes les variables de session même si la session n'est pas active.

add a note

User Contributed Notes 3 notes

up
39
tim at leethost dot com
12 years ago
I was having a problem clearing all session variables, deleting the session, and creating a new session without leaving old session stuff behind in all browsers. The below code is perfect for a logout script to totally delete everything and start new. It even works in Chrome which seems to not work as other browsers when trying do logout and start a new session.

<?php
session_start
();
session_unset();
session_destroy();
session_write_close();
setcookie(session_name(),'',0,'/');
session_regenerate_id(true);
?>
up
25
jerry
9 years ago
The difference between both session_unset and session_destroy is as follows:

session_unset just clears out the session for usage. The session is still on the users computer. Note that by using session_unset, the variable still exists. session_unset just remove all session variables. it does not destroy the session....so the session would still be active.

Using session_unset in tandem with session_destroy however, is a much more effective means of actually clearing out data. As stated in the example above, this works very well, cross browser. session_destroy is destroy the session. session_destroy() to kill all session information.....This is the more secure function to use.
up
0
christian+php at
5 months ago
The solution provided by tim at leethost dot com is nice but you must check a active session first, because else you fill the logs with PHP Errors or Notices depending on your settings. I use it as a function, and it works smooth.

```php
/** @return void */
public static function sayonara():void
{
if (session_status() !== PHP_SESSION_ACTIVE) :void
{
session_start();
session_unset();
session_destroy();
session_write_close();
setcookie(session_name(), '', 0, '/');
session_regenerate_id(true);
}
}

sayonara();
```
To Top