destroying a session on logout

[kjeff215]

In my code, on logout the user's session variables are simply nullified.
I need to know if I can actually destroy a session(object) on the server on logout.

the purpose:
to insure security and free up memory on the server

any help would be appreciated

thanks in advance

 

[Sarky78]

something like this will work, as sessions are stored in a structure, so by clearing the structure for the session will destroy the session

<CFLOCK TIMEOUT=&quot;10&quot; THROWONTIMEOUT=&quot;No&quot; SCOPE=&quot;Session&quot; TYPE=&quot;EXCLUSIVE&quot;>
<CFSCRIPT>
StructClear(#Session#);
</CFSCRIPT>
</CFLOCK>

 

[kjeff215]

so this will actually kill the session on the server?

structClear(#session.variable1#)
structClear(#session.variable2#) and so on

I have to manually do a structClear for each session variable or is there a way to tell cfserver to destroy all session variables associated with a cftoken(which we are not carrying in the url but still resides in the user's browser as a session cookie)

 

[imstillatwork]

this works for the users entire session

<cfscript>
Structclear(Session);
</cfscript>

 

[imstillatwork]

it works because you clear the entire structure, not just part of it.