[eluser]kurucu[/eluser]
You have it exactly.
Assuming you enable database storage, then yes CI creates and maintains rows in a dedicated MySQL table. It also looks after all the parameters you listed in the array for you. If you don't switch on DB storage, then session information is stored in the cookie itself.
With regards to knowing when the user disappears/leaves - you can't. To 'know' when they have left, you rely on one of these things:
- That they close the browser, so the cookie is lost and, therefore, so is any reference to the unique session ID
- That they press log out on your website
(- That no one else intercepted the ID and is using it to continue someone else's session. This is a commonly accepted fault, and has a number of prevention measures including using HTTPS.)
In other words, unless they log out, all you know is that they didn't come back within the session timeout time.
If it is critical then you could set up a timer to watch the database and perform some tidying up actions, but generally you should design your site such that them not coming back is not detrimental to its performance.
