I'm using the CI Session library and I need a way to destroy the session when the user closes the browser. Is there anyway to do this? Or is there a better way of doing it?
[eluser]Aea[/eluser]
Yes, and two ways to go about it (if you want the direct functionality).
- Very short session expire timers and JS updates sent to keep it active. This is a bit of a hack but it's reliable.
- Sending an AJAX request on close of the window.
or
- Semi short times so that session expire within a few minutes of the last action.
[eluser]Rick Jolly[/eluser]
PHP Native sessions (and the Native Session library in the Wiki) expire when the browser closes by default. That's because the session cookie is stored in memory on the client computer. Keep in mind that Firefox shares memory across all open browser windows and tabs and IE shares memory across tabs.
[eluser]Aea[/eluser]
PHP will not have that behavior, sessions do not magically expire when the browser closes because they are stored on the disk, which is why you can access a site using the same cookie even after you restart your browser Of course if you set a low cookie life span you can get a similar effect, which is what most secure applications do (and then send you a javascript warning that your session is expiring and can be extended by clicking okay).
[eluser]bikuta[/eluser]
Ok, so if I use a short cookie life span. I want to be able to automatically extend the session period using JS, I would probably make a request to the server using AJAX. However does it matter what kind of request I'm doing? i.e., could I just be calling a blank page?
[eluser]Aea[/eluser]
I don't have time to look into the CI Session, but yes, just make an AJAX request to a controller which returns nothing named refresh_session (or something to that extent) and set your cookie life span to 5 minutes and do that call every two and a half (or so).
Of course if you set a low cookie life span you can get a similar effect, which is what most secure applications do (and then send you a javascript warning that your session is expiring and can be extended by clicking okay).
