Esanteva
asked on
Deleteting browser session when closing TABs
I need to delete session variables when my users close the browser TAB in which they are working (I have non technical users that do not perform logout nor close the browser when they finish browsing my website in a shared PC after having had access with their own username and password, but just close the TAB in which they are working, so that the next user will be able to surf the site with username and password of the previous user). How can I do that in a way that works for all (or at least IE 7, FIreFox 2, FireFox 3) browsers?
I read somewhere that this problem cannot be solved in any way if the browser has a popup blocker setup. Is this true?
I read somewhere that this problem cannot be solved in any way if the browser has a popup blocker setup. Is this true?
Here's a thought, use getenv("HTTP_REFERER") at the top of all pages (probably where you also see if they are logged in). If it doesn't exist or isn't your domain, force a login.
ASKER
> If it doesn't exist or isn't your domain, force a login.
Do you mean forse a logout?
Do you mean forse a logout?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
> for all of these it would be the first time to your site, so, make them login
Almost. Several users (e.g. me) are used to open several TABs to the website and they do this by opening a new TAB then retyping the URL or using their Favorites. Would the check on getenv("HTTP_REFERER") work also in this situation?
Almost. Several users (e.g. me) are used to open several TABs to the website and they do this by opening a new TAB then retyping the URL or using their Favorites. Would the check on getenv("HTTP_REFERER") work also in this situation?
"opening a new TAB then retyping the URL or using their Favorites"
this would cause them to have to login again.
If you have a page open you could right click any link and 'open in new tab', this will not force them to login again
this would cause them to have to login again.
If you have a page open you could right click any link and 'open in new tab', this will not force them to login again
ASKER
> If you have a page open you could right click any link and 'open in new tab', this will not force them to login again
Yes, this is clear. I'm only trying to understand if there is a way that would allow me to delete the session variables when there are no more TABs open on the website without having to force a change of habits (mine and my users')
Yes, this is clear. I'm only trying to understand if there is a way that would allow me to delete the session variables when there are no more TABs open on the website without having to force a change of habits (mine and my users')
ASKER
Sorry for having waited so long before coming back to this question of mine. I was thinking if I could detect when a TAB is closed by using something like
<body onbeforeunload="closeSessi
and then in the closeSession function I could do some server side work by using AJAX? What do you think? Could that solve the problem?
<body onbeforeunload="closeSessi
and then in the closeSession function I could do some server side work by using AJAX? What do you think? Could that solve the problem?
This issue there is that if they have 2 tabs open then it will end the session when the first tab is closed.
ASKER
I see. Thanks.
What you can do is record activity with a custom session handler and if there has been no activity for ten minutes, log them out.