I'm creating a form that handles sensitive data which isn't to be stored on the server.
How can I ensure that the session files that are created, are deleted immediately after the form submission?
Should I be calling Session::destroy() or Session::clear_all()?
A couple of questions:
- * Are there any implications I should be aware of?
- * The user doesn't need to be logged in, but if they were logged in, would that cause them to be logged out if I called Session::destroy() or Session::clear_all()?
- * Is it possible to just clear the session variables related to the form's sensitive data?
Thanks very much.