如何从访问者浏览器中删除会话

Question

I have problem with session, I try unset($_SESSION) and session_unset() and session_destroy() session destroyed but still show in browser (cookie extension)

I want remove it finality like session_start(['cookie_lifetime' => 10]) but I not want set a time, I want only remove it in a location on my php code, any idea?

My code here:

<?php 
session_start();
$_SESSION['style'] = $style;
echo "Your style is : " . $style;
unset($_SESSION['style']);
session_destroy();

Answer 1

The session cookie stored in the browser simply contains a reference to the session ID on the server and does not contain any actual session data. All of that is stored solely on the server and it would actually be a huge security issue if it were stored client-side. If you delete the session on the server, this deletes all data stored on the server to do with that session and any attempt to re-authenticate using the old session ID will fail. If the browser sends an old session cookie back to the server after the session has been destroyed, it will simply be ignored by the server. Therefore there is no need to delete the session cookie from the user's browser since this will be done automatically by the browser when the window is closed. The recommended way to kill a session is simply to do:

$_SESSION = array();

However, with that said, if you want to manually force the cookie to be deleted for whatever reason:

<?php 
session_start();
$_SESSION['style'] = $style;
echo "Your style is : " . $style;
unset($_SESSION['style']);

if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', -1,
        $params["path"], $params["domain"],
        $params["secure"], $params["httponly"]
    );
}

session_destroy();