According to the manual "Do NOT unset the whole $_SESSION with unset($_SESSION) as this will disable the registering of session variables through the $_SESSION superglobal."
<?php
session_start();
$_SESSION['name'] = 'my_name';
unset($_SESSION);
echo $_SESSION['test'] = 'ok';
So according to the manual, the above code should not register the last statement. But the code outputs the string 'ok'. What is going on here?
It doesn't disable sessions. It simply disables the use of session_register. This is not a big deal, as session_register has been deprecated for a long time:
e.g. with this code:
<?php
$foo = 'bar';
session_register('foo');
print_r($_SESSION);
unset($_SESSION);
session_register('foo', 'bar2');
print_r($_SESSION); // line 8
$_SESSION['foo'] = 'bar3';
print_r($_SESSION);
you get
Array
(
[foo] =>
)
PHP Notice: Undefined variable: _SESSION in /home/marc/z.php on line 8
Array
(
[foo] => bar3
)
note the warning. You've unset $_SESSION, then try to session_register... but this doesn't create a NEW $_SESSION, it simply fails.
This is a better testcase:
session_start();
$_SESSION['test'] = 'value';
unset($_SESSION);
var_dump($_SESSION);
This code however, will output 'something' because you assign it just before echoing.
echo $_SESSION['something'] = 'something';
I believe what it means is that $_SESSION['test'] will not automatically be saved in the session any more. If you print $_SESSION['name'] on another page, it should be myname, but $_SESSION['test'] should be empty.