• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Destroy session when the web browser is closed, its possible?

#1
[eluser]Unknown[/eluser]
Hello,

i'm working with CodeIgniter sessions, i would like to destroy the session when the user close the web browser or when the user left the web site, how it is possible?

#2
[eluser]Mirage[/eluser]
Setting sess_expiration to '0' should destroy the session when the browser is closed. Monitoring when a user leaves your website isn't really possible. There a tricks and hacks for that sort of thing that work with varying degrees of reliability usually involving javascript, but none of them have anything to do with the session.

Cheers
-m

#3
[eluser]Rick Jolly[/eluser]
Actually, setting the expiration to "0" will cause the session to continue indefinitely. See here for a hack: http://ellislab.com/forums/viewthread/70036/. Alternatively, you could use php native sessions, or the CI-like Native Session Library in the wiki. NGSession also supports this and there may be other contributions.

#4
[eluser]Mirage[/eluser]
Really? Wow - I stand correct then. It's been a while since I used the CI built-in session. I always though the sess_expiration controls the lifttime of the cookie. Guess I was wrong.... Sorry for the confusion...

Cheers
-m

#5
[eluser]beemr[/eluser]
I think since about 1.6, CI sessions have a session regeneration feature that should solve your concerns. By default, the sessions are regenerated every 5 minutes, but of course, you can customize that setting. If a user closes his browser, the session will not get regenerated at the next interval and will become invalid. Derek Allard posted a nice write-up about it at his blog.

#6
[eluser]Rick Jolly[/eluser]
[quote author="beemr" date="1221356998"]I think since about 1.6, CI sessions have a session regeneration feature that should solve your concerns. By default, the sessions are regenerated every 5 minutes, but of course, you can customize that setting. If a user closes his browser, the session will not get regenerated at the next interval and will become invalid. Derek Allard posted a nice write-up about it at his blog.[/quote]
I think that just regenerates (changes) the session id in the cookie to guard against session fixation. Nothing to do with dropping the session.

#7
[eluser]beemr[/eluser]
Wouldn't a stale session effectively give the OP the same results as a destroyed session?


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2019 MyBB Group.