Why Session object destruction failed

Asked 18/12, 2011 at 4:8 Answered 26/1, 2022 at 8:17

I get "Session object destruction failed" when I use session_destroy().

session_start();
if(isset($_SESSION['user_id'])){    
    $_SESSION=array();
    if(isset($_COOKIE[session_name()])){
        setcookie(session_name(),'',0,"/");
    }
    session_destroy();
}

What causes this error?

Washroom answered 18/12, 2011 at 4:8 Comment(8)

Why do you want to suppress the error, rather than fix it? – Overwinter 18/12, 2011 at 4:15

perhaps because of $_SESSION=array(); or calling session_name() before session_start()? not sure which one is right... – Impassable 18/12, 2011 at 4:19

Only the first two lines make sense, the rest of the code is baffling. I don't think you understand how $_SESSION works. Just call session_start() and use it. – Fortyfour 18/12, 2011 at 4:21

can you post the full error message? – Canberra 18/12, 2011 at 4:24

Error: Warning: session_destroy(): Session object destruction failed - it's rather trivial, no session has been started, so you can't destroy it. The @ operator is not always active, e.g. with error reporting functions. – Aerostat 18/12, 2011 at 4:28

Are you using a custom session handler by any chance? Guessing no or you would have mentioned it in the question, but worth a shot. – Hyo 18/12, 2011 at 4:56

@Corbin: Yes I was, there is no error when I disable my error handler. but I removed the "@" and still get the error (when my handler active) – Washroom 18/12, 2011 at 5:8

Not a session error handler, but a custom session [save] handler, as registered with session_set_save_handler. – Hyo 18/12, 2011 at 5:10

Error:

Warning: session_destroy(): Session object destruction failed

It's rather trivial, no session ~~has been started~~ object has been comitted, so you can't destroy it.

The @ operator is not always active, e.g. with error reporting functions.

Edit:

1) What causes this error?

This error is normally caused when PHP tries to delete the session file, but it can't find it.

In your case with session_destroy there is only one place in PHP which causes this. That's when the session.save_handler (see as well session_set_save_handler) returns FALSE for the destroy action. This can depends which type of save-handler you use, the default one is files. With that one, when the session.save_path setting is wrong (e.g. not an accessible directory), this would cause such an error.

2) Why would the "@" not be suppressing the error?

That depends how the output is created and on PHP configuration. @ does not always work. For example callbacks registered with set_error_handler will still receive these messages.

Aerostat answered 18/12, 2011 at 4:29 Comment(12)

There is, at least technically, a session_start() right at the top of the quoted code. – Overwinter 18/12, 2011 at 4:30

Maybe started, but not yet comitted, see session_commit. – Aerostat 18/12, 2011 at 4:34

So the answer is to session_write_close() before session_destroy()...? – Overwinter 18/12, 2011 at 4:37

No, technically not because you can't destroy a session that is not active. See session_destroy. The general problem with the question is, that the @ has been added for some reason and that reason needs to be known to tell what is going on here. Session state can be tricky in edge-cases. – Aerostat 18/12, 2011 at 4:39

"@" not needed, just an attempt to get around the problem. How can you test for an active session? I thought that the line with isset(used_id would do that. – Washroom 18/12, 2011 at 4:44

So where do you get the error message? In STDOUT? And since when does the error occurs? – Aerostat 18/12, 2011 at 4:45

Well just remembered, session_commit might not unset the session id, so probably this can solve the issue. However, if session.save_path is wrong, this won't help either. – Aerostat 18/12, 2011 at 4:48

"What is STDOUT?" - STDOUT is Standard Output, in PHP that is what the browser displays. Are you seeing the error message in your browser or inside some log files? – Aerostat 18/12, 2011 at 4:49

Was getting error from log file, turned off my error handling routine and do not get the error anymore! What? – Washroom 18/12, 2011 at 4:51

the error handler get's all errors, including those you try to hide away with the @ operator - the handler callback is still invoked so (error level 0). Just don't use the @ operator to "solve" things, use it wisely. In this case, don't use it. Instead check if your session.save_path configuration is correct. PHP gives you a hint about an error which you should fix, but you need to first find out what's wrong. – Aerostat 18/12, 2011 at 4:53

I'm running into the same problem when a session was created and then needs to be destroyed on the same script before it was ever created on the browser. I don't see a solution to this problem here. – Dustan 20/4, 2018 at 18:2

@LStarky: Please - if the code you have is not the same as here - create a new question and give the example with it of what you have there. Also report with that question which session save handler you're using. If it is the same, do not destory a session that has not yet been created. In PHP you can learn about a session state via: session_status() – Aerostat 22/4, 2018 at 7:40

In my case I was trying to destroy session before cookie was created. In other words I did something like:

session_start();
...
session_destroy();

So the server didn't have a chance to 'contact' with the browser before destroying the session. Simple solution that worked for me was

session_start();
...
$_SESSION=array();

Wriggly answered 27/7, 2016 at 9:18 Comment(0)

Use this code:

if(session_status() === PHP_SESSION_ACTIVE) {
    session_unset();
    session_destroy();
}

Fein answered 26/1, 2022 at 8:17 Comment(0)

-2

If you are using an autoloader, it may be failing to load a class that is saved in the session.

Syntactics answered 2/6, 2017 at 10:50 Comment(0)

Recommended topics

Hot tags