How to kill a/all php sessions?

Question

I have a very basic php session login script. I want to force logout of a certain user or force logout of all users.

How can I read all sessions made to my website,

Answer 1

I will create a txt file containing the token which has the same value as the generated login session as a comparison every time the user is logged in:

if($_SERVER['REQUEST_METHOD'] == 'POST') {
    $token = sha1(uniqid(mt_rand(), true));
    if($everything_is_valid) {
        // Set login session
        $_SESSION[$_POST['username']] = $token;
        // Create token file
        file_put_contents('log/token.' . $_POST['username'] . '.txt', $token);
        // Just to be safe
        chmod('log/token.' . $_POST['username'] . '.txt', 0600);
    }
}

Checks for logged in user(s):

if(isset($_SESSION['charlie']) && file_exists('log/token.charlie.txt') && $_SESSION['charlie'] == file_get_contents('log/token.charlie.txt')) {
    echo 'You are logged in.';
}

So, if you want to force this charlie user to be logged out, simply remove the token file:

// Force logout the `charlie` user
unlink('log/token.charlie.txt');