For example, if a user just closes the browser window without logging out (the PHP script unsetting and destroying the session and expiring the session cookie), by default the cookie used to store the session ID will have expired the next time the user opens the browser so s/he won't have access to the same session.
But what happens with the file on the server side that was used to save the session data and what happens with the session data itself?
Will it still be available?
There are parameters called session.gc_divisor and session.gc_probability that you can configure in php.ini or in the .htaccess.
These parameters give the probability (gc_probabiltiy/gc_divisor) to execute the garbage collection of the sessions at every request.
The garbage collection is a process whick check if the last modification of the session file is older than session.gc_maxlifetime and remove it if it is !
So yes, the data are still available for a while on your server.
