<?php
session_start(); // start session
session_destroy(); // Delete whole session
// OR
unset($_SESSION['username']); // delete any specific session only
?>
// Create a session variable called something like this after you start the session:
$_SESSION['user_start'] = time();
// Then when they get to submitting the payment, just check whether they're within the 5 minute window
if (time() - $_SESSION['user_start'] < 300) { // 300 seconds = 5 minutes
// they're within the 5 minutes so save the details to the database
} else {
// sorry, you're out of time
unset($_SESSION['user_start']); // and unset any other session vars for this task
}
<?php
// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();
// Unset all of the session variables.
$_SESSION = array();
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
// Finally, destroy the session.
session_destroy();
?>
<?php
// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();
// Unset all of the session variables.
$_SESSION = array();
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
// Finally, destroy the session.
session_destroy();
?>
All of a sudden neither session_destroy() nor $_SESSION=[] were sufficient to log out. I found the next to work:
<?php
setcookie(session_name(), session_id(), 1); // to expire the session
$_SESSION = [];
?>