Comments on: Destroy or Delete all session variables in PHP

By: wp programmer

wp programmer — Mon, 21 Jun 2010 13:57:21 +0000

Hi..,

This is easy to say how to set session and how to destroy the session.
I am easy to Understand.

Thanks a lot.

By: George Barr

George Barr — Thu, 15 Jan 2009 16:01:19 +0000

Hi,
PHP session variables are controlled by the server. They are directly associated with the current session and should not be accessible outwith that session. If you have session variables that are being picked up outside of the seesion then you have a PHP bug on the server. I would suggest you contact your hosting service regarding this as it can be a very high security risk.
regards
George

By: prajosh

prajosh — Sat, 14 Jun 2008 07:00:21 +0000

great article, helps me a lot

By: admin

admin — Sat, 03 May 2008 17:59:48 +0000

OK Raja,

Think of a case where you used a system/software and after you sign out another person comes to use the system/software in the same PC.

May be it can be a public PC or in Cyber Cafe.

If session variables are not properly destroyed and shows your email address, personal phone number and other private information that might be saved in session variables to another person.

How would you feel if you know this?

And also think of a situation, every user’s data is getting disclosed to the next person if they use the same PC.

Is not it dangerous?

By: RAJA

RAJA — Sat, 03 May 2008 17:47:39 +0000

How is it dangerous?