Posted by Chris Shiflett on 02/22/05 20:19

> When a session object is created - where is it store?

Assuming you mean session data, it is stored on the server, in /tmp by
default.

> To destroy the session object (widht all session vairables inside the
> particluar session object) can I use session_destroy();

http://www.php.net/session_destroy says:

"session_destroy() destroys all of the data associated with the current
session. It does not unset any of the global variables associated with the
session, or unset the session cookie."

This means that session_destroy deletes the particular record from the
session data store. It does not act on the cookie nor the $_SESSION
superglobal array.

Hope that helps.

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security - O'Reilly HTTP Developer's Handbook - Sams
Coming Soon http://httphandbook.org/

[Back to original message]