Clear session variable after use

php session forms post login

60,410

Solution 1

That looks like it should work. Make sure you call session_start() before trying to use the session, and always exit() or die() after a redirect header.

I accomplish what you're doing a little differently. I keep a 'message' element in the session. I'll stick text in like 'Your data was saved', error messages, etc. Then, on each page (actually in a page template class), I check to see if the $_SESSION['message'] is set and not empty. If there's something there, I display the message and set the value to an empty string or null.

Solution 2

I noticed a small error in the original example that might cause other problems.

unset($_SESSION['showUpdated'];

needs to be

unset($_SESSION['showUpdated']);

Not including that end ) in the unset will cause an error.

Solution 3

I do this from time to time. I never have any problems with it. But what I would add to yours is an exit() function call after the header redirect.

EDIT: The reason for the exit() is that it will prevent it from processing any further code and will eliminate the possibility of unset before you wanted to check after the redirect.

Solution 4

The header call without an exit after will continue running the page.

header("Location: http://www.mysite.com/settings");
exit;

Using that instead, should kill the page and not unset the session variable on the same page call.

Solution 5

Just check to see if it exists. This is safe to do before it has been defined and will tell you your answer after it has been defined.

if(!empty($_SESSION['showUpdated'])) {

View more solutions

60,410

Author by

steveneaston

Updated on July 05, 2022

Comments

steveneaston almost 2 years
Is it possible to use a session variable, then unset it directly after?

Example:
```
//====
//Process Form
if ($_POST['Submit']) {
    $update = $userSettings->update($_POST);

    //If there are form errors
 if (!$update) {
        //Load the errors into an array
        $errors = $update[1];
    } else {
        //Set the session
        $_SESSION['showUpdated'] = true;

        //Redirect to this page
        header("Location: http://www.mysite.com/settings");
    }
}

//==================

if ($_SESSION['showUpdated']) {
 echo "Settings Updated";
    unset($_SESSION['showUpdated'];
}
```
So after the form is submitted, if there are no errors:
- Set a session to say the form submission was okay
- Reload the page (to prevent re-submitted POST data)
- If the 'showUpdated' session variable is set, display the "Updated" message
- Unset the session variable (so we don't see the message on next reload)
Currently the problem is, if you unset the session variable straight after; It is as if you have un-set it before the "if exists" part.

Any solutions? Is this even the best way to do it?

Many thanks!
Anders S almost 14 years

Exists is not a function, do you mean isset?
Ilia Hadzhiev almost 14 years

Yeah, like that. Can you tell that it has been a little while since I coded in PHP? Thanks @Anders S
Ilia Hadzhiev almost 14 years

I went with !empty since, if I am not mistaken, it will not throw any warnings, errors, or exceptions if the array or key do not exist.
Anders S almost 14 years

If all you care about is if the variable exists or not you should use isset. Empty will return true if the variable is an empty string, 0, NULL, false or an empty array.
Ilia Hadzhiev almost 14 years

In this case, there will always be a value, so I am not worried about empty strings, 0, NULL, false, or an empty array. I thought empty would not log a warning if the array key did not exist, while isset will.