Destroying a specific session in Code Igniter

Create a new column in the ci_session table.

ALTER TABLE `yourdatabase`.`ci_sessions` ADD COLUMN `userid` VARCHAR(45) NULL  AFTER `user_data` ;

Then in your login function get the id from your login process and before adding the userdata information to the session do:

/* Delete any existing sessions with the current userid session.Note - a new session has already been generated but doesn't have a valuein the userid column, so won't get deleted. */$this->db->delete('ci_sessions',array('userid' => $identity));    // Get the current session and update it with the userid value.$session_id = $this->session->userdata('session_id');$this->db->where('session_id', $session_id);$this->db->update('ci_sessions', array('userid' => $identity));

Where $identity is your userid. That clears any previous sessions and means only one exists at a time.

There is the function to destroy some items/session you want

$this->session->unset_userdata('session_name')

And to allow one user to log in one computer at a time or one browser at a time you can read more here

Allow one session only at a time

One of the problems with serialized data is that there's no legitimate way to query it. You'll have to get all users in the session (could be a lot) and unpack the data, check for the value, then delete the row in the session table, effectively destroying that session.

foreach ($this->db->get('sessions')->result() as $session){    $data = unserialize($session->user_data);    if ( ! isset($data['user_id'])) continue;    if ($data['user_id'] === $id_to_delete)    {        // delete the row            $this->db->where('session_id', $session->session_id)                ->delete('sessions');    }}

I would probably discourage this. Every user on your site, logged in or not, has a session that would have to be picked through, and remember: one user could possibly have more than one session so you'd have to cycle through every one.

Another approach could be to add a custom column to the session table with the user id (or a hash of the id). Something that you can query against to find the user's session quickly. Then, when you add the user_id to the session, populate this column, and when you need to delete the session by user_id it can be done quickly and efficiently.