50% OFF!!!

Wednesday, May 27, 2015

php | destroy/delete all sessions

I recently searched for an option deleting all running/active sessions,
for changing some important logic on my server.

just restarting apache won't help!
because php handles php-sessions by itself.

I wonder how to make it, without changing php code.
The solution, is to delete the PHP session files created by PHP engine.

Step #1 - find where PHP store php files
on php.ini there is configured session.save_path 
which points to the correct path.
by default, it configured to "" (empty), and it is:

  • On Ubuntu or Debian machines: saved on /var/lib/php5
  • On RHEL and CentOS systems: saved on /var/lib/php/session
  • If you need to find it: print session_save_path() on your php file.    You may run from command line:  php -r 'echo session_save_path(), "\n";'

Step #2 - just delete the files
Execute the following bash script:
rm  -f   /var/lib/php/session/*
rm  -f   /var/lib/php5/sess*
(-f will force delete without prompting!!) 

And that's it...
Now when a user will execute web-request, 
his session will be considered empty, 
and will be re-generated (under the same session name)

No comments:

Post a Comment