Solved

How do I clear all session variables once browser is closed + php

Posted on 2010-09-09
7
519 Views
Last Modified: 2012-05-10
Hi All,

How do I clear all session variables once browser is closed in php

Thanks in Advance.
0
Comment
Question by:Web_Sight
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 25

Expert Comment

by:Lee Savidge
ID: 33635384
0
 
LVL 4

Expert Comment

by:antonybrahin
ID: 33635395
I use the below to do that.

<% Response.CacheControl = "no-cache"; %>
<% Response.AddHeader("Pragma", "no-cache"); %>
<% Response.Expires = -1; %>
0
 
LVL 10

Expert Comment

by:bugada
ID: 33635493
weird question! You server can't know when you close your browser unless you send a logout messagge to the server before closing it, or maybe you implement a timeout function based on the inactivity of that session. Then you can do what suggested by isadvige.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 4

Expert Comment

by:antonybrahin
ID: 33635531
the session will be cleared when you reopen the site as we use no-cache
0
 
LVL 25

Accepted Solution

by:
Lee Savidge earned 500 total points
ID: 33635601
If you're trying to detect a browser close by the user, PHP won't pick that up as it is a server side language. You'd need to implement a javascript function that checks for the onunload and onbeforeunload events to post back to the server for a PHP script to pick up and then use the code in the links I provided.

Lee
0
 
LVL 10

Expert Comment

by:bugada
ID: 33636031
antonybrahin no-cache prevents caching (and it's not assured thought) and it has nothing to do with sessions.

If you close your browser, you invalidate your session, but the server is not informed about that.
If you reopen the browser a new session i established, so for the server there are two session actives.

Your method is probably influenced by a IE bug
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 33637757
You might want to learn about session garbage collection.  It's not exactly intuitive.  Some good reading here:
http://us2.php.net/manual/en/session.idpassing.php
http://www.php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime
http://www.php.net/manual/en/ref.session.php

In your case the session is almost certainly associated with a session cookie.  The cookie has a value that enables PHP to find a pointer to the session data on your server.  The cookie has an expiration date of zero, meaning that it expires when the last instance of the browser is closed.  Notice that I said, "browser" and not "window" or "tab" -- the difference is important.  Your browser has a single cookie jar, so all instances of all windows or tabs will return all the cookies.  This results in a common confusion among developers who test their login and logout scripts with multiple copies of Firefox running at the same time.

Once the browser is (completely) closed the session cookie is gone forever.  The discarded session data lives on your server until garbage collection, but it is in the dead zone, since there is no cookie anywhere that can enable PHP to find it any more.

If you're interested in the correct way to write a logout routine, you might find the example in this article helpful.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_2391-PHP-login-logout-and-easy-access-control.html?sfQueryTermInfo=1+30+login+logout

Regards, ~Ray
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

JavaScript can be used in a browser to change parts of a webpage dynamically. It begins with the following pattern: If condition W is true, do thing X to target Y after event Z. Below are some tips and tricks to help you get started with JavaScript …
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to dynamically set the form action using jQuery.

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now