Welcome Guest, Not a member yet? Register   Sign In
Destroy session when the web browser is closed, its possible?
#1

[eluser]Unknown[/eluser]
Hello,

i'm working with CodeIgniter sessions, i would like to destroy the session when the user close the web browser or when the user left the web site, how it is possible?
#2

[eluser]Mirage[/eluser]
Setting sess_expiration to '0' should destroy the session when the browser is closed. Monitoring when a user leaves your website isn't really possible. There a tricks and hacks for that sort of thing that work with varying degrees of reliability usually involving javascript, but none of them have anything to do with the session.

Cheers
-m
#3

[eluser]Rick Jolly[/eluser]
Actually, setting the expiration to "0" will cause the session to continue indefinitely. See here for a hack: http://ellislab.com/forums/viewthread/70036/. Alternatively, you could use php native sessions, or the CI-like Native Session Library in the wiki. NGSession also supports this and there may be other contributions.
#4

[eluser]Mirage[/eluser]
Really? Wow - I stand correct then. It's been a while since I used the CI built-in session. I always though the sess_expiration controls the lifttime of the cookie. Guess I was wrong.... Sorry for the confusion...

Cheers
-m
#5

[eluser]beemr[/eluser]
I think since about 1.6, CI sessions have a session regeneration feature that should solve your concerns. By default, the sessions are regenerated every 5 minutes, but of course, you can customize that setting. If a user closes his browser, the session will not get regenerated at the next interval and will become invalid. Derek Allard posted a nice write-up about it at his blog.
#6

[eluser]Rick Jolly[/eluser]
[quote author="beemr" date="1221356998"]I think since about 1.6, CI sessions have a session regeneration feature that should solve your concerns. By default, the sessions are regenerated every 5 minutes, but of course, you can customize that setting. If a user closes his browser, the session will not get regenerated at the next interval and will become invalid. Derek Allard posted a nice write-up about it at his blog.[/quote]
I think that just regenerates (changes) the session id in the cookie to guard against session fixation. Nothing to do with dropping the session.
#7

[eluser]beemr[/eluser]
Wouldn't a stale session effectively give the OP the same results as a destroyed session?




Theme © iAndrew 2016 - Forum software by © MyBB