how to log off a session when the browser window is closed?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
leonardobii
Forum Newbie
Posts: 17
Joined: Fri Sep 02, 2005 8:47 pm

how to log off a session when the browser window is closed?

Post by leonardobii »

So I created user authentication and session handling scripts, but I cant figure out how to log off a session when the browser window is closed? any suggestions?
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

from php manual
session.cookie_lifetime integer
session.cookie_lifetime specifies the lifetime of the cookie in seconds which is sent to the browser. The value 0 means "until the browser is closed." Defaults to 0. See also session_get_cookie_params() and session_set_cookie_params().
do more reading on, http://uk.php.net/session
leonardobii
Forum Newbie
Posts: 17
Joined: Fri Sep 02, 2005 8:47 pm

Post by leonardobii »

thanks, but would there be a way without using cookies?
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

You'd need a session timeout to acheive it well. So basically the user is logged off after X minutes of inactivity.

I guess you could use javascript with an unload event but it won't work in all cases.
leonardobii
Forum Newbie
Posts: 17
Joined: Fri Sep 02, 2005 8:47 pm

Post by leonardobii »

thanks but ive already considered all those options, but can't find anything reliable. it seems that there is no proper way of doing it.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

the only reliable way is using the lifetime, it doesn't require cookies because it's based on the last usage time of the session storage unit.
leonardobii
Forum Newbie
Posts: 17
Joined: Fri Sep 02, 2005 8:47 pm

Post by leonardobii »

thanks man, makes thing more clear.
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

this is useful to close session after some period of inactivity.

Code: Select all

<?php
session_start();
if (!isset($_SESSION["last_access"])){
	$_SESSION["last_access"] = time();
}else{
	//echo $_SESSION["last_access"]."<br />"; //last access time
	//echo time()."<br />"; //current time
	//echo time() - $_SESSION["last_access"]."<br />"; //difference between current time and last access time
	if (time() - $_SESSION["last_access"] > 5*60){ //expire time set to five minutes
		//echo "session deleted!!!";
		session_destroy(); //destroys all session variables
		setcookie(session_name(), "", time() - 10); //destroys the session itself which is actually transported via cookie
		//unset($_COOKIE[session_name()]); //this also could be used to destroy the session cookie; alternative for the former
	}
}
?>
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

or you can just ask PHP to handle it automatically. The following are directives you can toggle anywhere you like (.htaccess, php.ini, your script)
session.gc_divisor
session.gc_maxlifetime
session.gc_probability
leonardobii
Forum Newbie
Posts: 17
Joined: Fri Sep 02, 2005 8:47 pm

Post by leonardobii »

sorry, was lunchtime, im not familiar with those, could you post an example using those?

1. Where am I suppose to implement it? in what part of a page?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

leonardobii
Forum Newbie
Posts: 17
Joined: Fri Sep 02, 2005 8:47 pm

Post by leonardobii »

thanks feyd
Post Reply