I want sessions working on this path:
domain.com/sessions
and I want them turned off for this path:
domain.com/sessions-off
Any idea on how I can do this? Once you've called session_start(), how do you make it so the server won't output a session cookie?
Once you've set a cookie, it's the browser that sends it on each request, not the server. If you don't like the cookies being sent, the traditional way to deal with that is to have a new subdomain, as the cookie is scoped to the subdomain it was set on. If you just want $_SESSION to be blank, don't call session_start().
In apache you can try setting:
Header unset Cookie
Header unset Set-Cookie
In the .htaccess file under domain.com/sessions-off
1) if you store session data on server side, then you can use session_destroy() on the beginning of your page.
2) if you use cookies on client side, you need to do that via js
you can look here for details : javascript - delete cookie