Destroy Session on Browser Close

[eluser]neofactor[/eluser]
I think I have the answer....

Change system/libraris/Session.php Line ~87

before:

Code:

// Set the session length. If the session expiration is
        // set to zero we'll set the expiration two years from now.
        if ($this->sess_expiration == 0)
        {
            $this->sess_expiration = (60*60*24*365*2);
        }

after:

Code:

// Set the session length. If the session expiration is
        // set to zero we'll set the expiration two years from now.
        if ($this->sess_expiration == 0)
        {
            $this->sess_expiration = (60*60*24*365*2);
            $this->sess_delete_after_browser_close = false;
        }
        elseif($this->sess_expiration == -1)
        {
            $this->sess_expiration = 60*60*24;
            $this->sess_delete_after_browser_close = true;
        }

The in the Application/Config/config.php
Change to:

Code:

$config['sess_expiration']         = -1;

Then re-initiate your session by logging out and recreating a session.
Closing browser shows the session is destroyed.



Questions I have...
Does this mean that my session is open FOREVER, until the browser is closed/quit?
No more timeout?
Why is this not a direct option in core CI version?


I appreciate any thoughts on this topic.