Why does my session remain?

I must be really stupid because it seems a fairly obvious thing is complet开发者_开发知识库ely confusing me right now.

I have a session...

ie $_SESSION['handbag_id'];

and at a certain point, I need to completely kill this session.

ie

// at the start of the page
session_start();

// elsewhere on the same page
unset($_SESSION);
session_destroy();

And yet, I can then go to another page, and do a

echo $_SESSION['handbag_id'];

And I've still got the same handbag_id as before.

What am I missing? Do I not understand how this works or do I have some server setting that reigns supreme over my desire to destroy its values?

Session functions can be very tricky. To completely kill a session you need to assign a new value to the $_SESSION superglobal. Otherwise, all you do is unloading session data from current script. This should work:

session_start();
$_SESSION = array();
session_write_close(); // Not required

If you also need to open an entirely new session, you can do this:

session_regenerate_id(FALSE);
$tmp = session_id();
session_destroy();
session_id($tmp);
unset($tmp);
session_start();

Update:

A related question you may find useful: Close session and start a new one

Don't do this

unset($_SESSION);

Do this

$_SESSION = array();

And finally

session_destroy();

use session_comitt before printing and see the magic :)