[eluser]WanWizard[/eluser]
Care to elaborate how a link to the manual is helping here?
@novice32:
You are doing a redirect are you?
Because the session library contains an inconsistency, it reads the session record once, when you load the session. If in a single page request you destroy the session and create a new one, userdata will still contain the old values. Same for destroy, you would expect the userdata to be gone after a destroy, but it isn't.