Solved

kill php session on page exit

Posted on 2012-03-11
3
286 Views
Last Modified: 2012-04-05
I would like for the session to be killed as soon as the visitor exits the browser (close tab or browser) or navigates away from any page related to the site, I create the session in the header which is an includes.

Thanks
0
Comment
Question by:prowebinteractiveinc
  • 2
3 Comments
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 37708012
The session will only be killed if the client closes the last instance of the browser or if the browser is idle for (about) 24 minutes.  The last instance means the last tab and the last window.  That is just the way it works.  Try to design your app so it will work in consonance with the existing guidelines and you will be OK.
0
 

Author Comment

by:prowebinteractiveinc
ID: 37708078
what if I expire the session after lets say 10-15min of inactivity, then if the user is on the public site, it simply renews the session_id(); otherwise if the user is in a logged in area, it will log him out, sounds like that function would be more secure..
0
 
LVL 109

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 37709565
The part that is going to be difficult for you is this part:

what if I (emphasis added) expire the session...

That line of inquiry suggests that the server can initiate an action, and that is contrary to the design of the client-server architecture.  Clients make requests.  Servers respond.  That is all that can happen.  Here's the issue.  Where am I right now?  You do not know whether I am at a computer terminal, whether I am looking at your web site or another web site, or in the kitchen getting a cup of coffee, or whether I have left to take the dog for a walk.  You know that I was here when I typed this, but that is "ancient history" in computer terms by the time you read what I typed.  The point is that you do not get any signal on page exit.  In fact the whole concept of page exit does not exist.  You only get a signal (called a "request") when a client sends a request to your server.

A sensible design will take advantage of the way things already work.  

This article may be able to show you some of the design patterns that make sense for PHP client authentication.  Please read it over then see if you still have questions.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_2391-PHP-login-logout-and-easy-access-control.html
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Popularity Can Be Measured Sometimes we deal with questions of popularity, and we need a way to collect opinions from our clients.  This article shows a simple teaching example of how we might elect a favorite color by letting our clients vote for …
Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question