How to properly kill sessions in zend framework?

Question

This is how I set sessions

$this -> sess = new Zend_Session_Namespace('user');
$this -> sess -> username = "Bob";
$this -> sess -> admin = "1";

And this is how I kill it

setcookie("mycookiename",md5(rand(10,1200)),time() - (60 * 60),"/",".site.com");
$_SESSION = array();
session_destroy();
$this -> _redirect('/');

but it still keeps the $this->sess->admin as '1' ... username is gone but admin stays as one. What's the correct way to delete ALL sessions associated with the client?

If I do

$this->sess->admin = 0;

Then it works, but I doubt this is the right way for each session variable that i hold.

I also tried

setcookie("mycookiename",md5(rand(10,1200)),time() - (60 * 60),"/",".site.com");
Zend_Session::namespaceUnset($this->sess);

and it didn't work, it didn't close any sessions.

`Zend_Session::namespaceUnset($this->sess)` first result on google — Esailija, May 09 '12 at 11:50
Like so? setcookie("sl",md5(rand(10,1200)),time() - (60 * 60),"/",".site.com"); Zend_Session::namespaceUnset($this->sess); It didn't work. — Darius, May 09 '12 at 11:51

score 20 · Accepted Answer · answered May 09 '12 at 12:01

To delete ALL sessions associated with the client use this:

\Zend_Session::destroy( true );

This will delete the entire session and also send a header request to the client to remove any cookies associated with the session. You can alternatively set the parameter of this method to false to not delete the user cookies. But please note:

Zend_Session::destroy(true) must either be called before PHP has sent HTTP headers, or output buffering must be enabled. It will destory all of the persistent data associated with the current session. However, no variables in PHP are affected, so your namespaced sessions (instances of Zend_Session_Namespace) remain readable.

To remove these use the following approach:

$ns = 'auth'
$namespace = new \Zend_Session_Namespace( $ns );
$namespace->unsetAll();

Please see here for further information

score 10 · Answer 2 · answered May 09 '12 at 12:02

10

To destroy particular session do

Zend_Session::namespaceUnset('user');

answered May 09 '12 at 12:02

Mr Coder

8,169
5
45
74

That's probably a better option than mine in this case. +1 – vascowhite May 09 '12 at 12:03

score 4 · Answer 3 · answered May 09 '12 at 11:53

4

You can use

Zend_Session::destroy($remove_cookie = true, $readonly = true);

See the manual

answered May 09 '12 at 11:53

vascowhite

18,120
9
61
77

2

@darius It is surprising what you can find out by reading the [manual](http://framework.zend.com/manual/en/reference.html). I didn't know how to do it either before reading your question. – vascowhite May 09 '12 at 11:57
I'm new to Zend Framework and was trying out the methods on this site http://zendgeek.blogspot.com/2009/07/zend-framework-session-usage-and.html but they weren't working for me, so I thought maybe I was putting the code in the wrong sections or something. And the manual confuses me at times, maybe I'm not cut out for this programming stuff lol. Once again, thank you. – Darius May 09 '12 at 12:00

How to properly kill sessions in zend framework?

3 Answers3