如何在不注销的情况下销毁php会话?

Here is the code I'm using to log in a user :

下面是我用来登录用户的代码:

    if($username==$db_username&&$password==$db_password)
    {
        session_start();
        echo 1;
        header("Location: index2.php");
        $_SESSION['username']=$db_username;

Now, this is supposed to assign a session to the username who has logged in. In my application, I don't have a log out option so I go to the log in page and send another username and password. So when these new information are sent, the old session must be destroyed and a new session to the new user should be assigned. Can I do that ?

现在，它应该将一个会话分配给已登录的用户名。在我的应用程序中，我没有一个注销选项，所以我将登录页面并发送另一个用户名和密码。因此，当这些新信息被发送时，旧的会话必须被销毁，并且应该给新用户分配一个新的会话。我能做到吗?

3 个解决方案

#1

Write logout.php and unset() the session.

写注销。php和unset()会话。

session_start();
unset($_SESSION['username']);

#2

What you can do is instead of using session_destroy (logout system) use the session_unset function to clear all session variables. Then use session_regenerate_id() to create a new session id and dump the old one(this is done automatically, you might have to send a 'true' boolean parameter along with that function), and assign new data to $_SESSION['username']

您可以使用session_destroy(注销系统)使用session_unset函数来清除所有会话变量。然后使用session_regenerate_id()创建一个新的会话id并转储旧的会话id(这是自动完成的，您可能需要将一个“true”boolean参数与该函数一起发送)，并将新数据分配给$_SESSION['username']

Check the docs for session_regenerate_id()

检查文档的session_regenerate_id()

#3

You should better use the session destroy method. It destroys all data which were stored into the session.

您应该更好地使用会话销毁方法。它销毁存储在会话中的所有数据。

session_start();

//add some code of your app here

session_destroy();

#1