Arcady Genkin wrote:
> I don't think that I grasp the difference between session_unset() and
> session_destroy() functions. Would anyone explain?
session_unset() frees session vars from memory.
session_destroy() delete session from session storage.
If you do session_unset(), it will results session with no session data.
If you do session_destroy(), it will results session with currently
registered data. (Unless you do session_unset()).
>
> Also, suppose that I want to totally wipe out an existing session, and
> then start a new one. Can I still do session_register() after I do
> session_unset() or session_destroy() or both?
I guess you can, but the session will have the session id. You must set
new session id with session_id().
If you want to start new session, simplest way is to set new session id,
since session data will be garbage collected eventually.
If you care about session hijacking, call session_destroy() then call
session_id().
Regards,
--
Yasuo Ohgaki
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
