2

I need to close a session when the browser is closed, when it crashes, when a PC restarts, and so on.

I know there is cookie solution, but I need something secure, server side, because the user can delete the cookie.

Bart
  • 19,692
  • 7
  • 68
  • 77
el ninho
  • 4,183
  • 15
  • 56
  • 77
  • 3
    As far as I know this can't be done directly... You could check for user activity in a timespan of lets say 5 minutes and when someone is idle for that time -> destroy the session – DarkBee May 08 '13 at 11:27
  • possible duplicate..... [Destroy session when closing browser ][1] [1]: http://stackoverflow.com/questions/4146647/destroy-php-session-on-closing – user2362083 May 08 '13 at 11:36

4 Answers4

3

You dont have to. The garbage collector will clean up your sessions.

The php ini setting session.gc_maxlifetime determins how long a session can remain active.

When this value is exceeded the session is automatically removed.

Damien Overeem
  • 4,487
  • 4
  • 36
  • 55
2

This can not be done the way you imagine it. You can not directly react to such an event in php. The closest you can get is using ajax to keep the session alive.

  1. Create a small php script which does nothing but update $_SESSION['last_request'] lets call it pulse.php
  2. Insert a javascript in you pages which sends a request to yourdomain.com/api/pulse.php every 60 seconds.
  3. Check if the last request uis older than 70 seconds on every request if it is start your clean up script and kill the session. If the browser crashes your cleanup script will not run. The session will timeout the usual way unless you get a request after more than 70 seconds but before the session expires. You can fix this if you store the session data in a database. Then you can run a worker or a cronjob which regularly checks if there are sessions where the last request was more than 70 seconds ago. Why 70 seconds? If you expect a request once per minute you should allow some time for klatencys or slow hardware on the client side.
SagarPPanchal
  • 9,839
  • 6
  • 34
  • 62
Oliver A.
  • 2,870
  • 2
  • 19
  • 21
  • @Oliver..If we call the ajax file in every 70 second.it might effect on site speed or not ? – Vishal Sharma Apr 29 '14 at 07:33
  • @Vishal The server will have to handle more requests. But the php script can be very short and one additional request per minute should not really be a problem. – Oliver A. May 01 '14 at 21:56
0

Hi You don't need to close session. because its default behavior of session that it destroy the session when user close the browser. And we can alter this behavior by changing lifetime of session in php.ini file by doing session.cookie_lifetime = 0. Otherwise by default when you reopen the browser there will be no data in session.

Rupal
  • 1,111
  • 6
  • 16
-1

cookie delete automatic when user run crashed brouser.

in php no way to know when user close brouser.

some not easy way it's websocket and long poling connections, but it's not easy to configuration and not good idea.

smpl
  • 26
  • 2