I recently searched for an option deleting all running/active sessions,
for changing some important logic on my server.
Important:
just restarting apache won't help!
because php handles php-sessions by itself.
now,
I wonder how to make it, without changing php code.
The solution, is to delete the PHP session files created by PHP engine.
Step #1 - find where PHP store php files
on php.ini there is configured session.save_path
which points to the correct path.
by default, it configured to "" (empty), and it is:
- On Ubuntu or Debian machines: saved on /var/lib/php5
- On RHEL and CentOS systems: saved on /var/lib/php/session
- If you need to find it: print session_save_path() on your php file. You may run from command line: php -r 'echo session_save_path(), "\n";'
Step #2 - just delete the files
Execute the following bash script:
rm -f /var/lib/php/session/*
or
rm -f /var/lib/php5/sess*
rm -f /var/lib/php5/sess*
(-f will force delete without prompting!!)
And that's it...
Now when a user will execute web-request,
his session will be considered empty,
and will be re-generated (under the same session name)
No comments:
Post a Comment