Auto logout if browser is closed

Question

I have a requirement like, if user closes browser then upon the next access of the site user should be asked to login again: I have written the following code in .htaccess file which is working fine:

<IfModule mod_php5.c>    
    #Session timeout    
    php_value session.cookie_lifetime 1200    
    php_value session.gc_maxlifetime 1200    
</IfModule>

I am excited to know am I doing the correct thing, or is there any other best way to do this?

Well, as far as i know, if you do your login with `$_SESSION`s, that's the default behavior. — Rafael Barros, Jan 23 '14 at 12:04

score 2 · Answer 1 · answered Jan 23 '14 at 11:16

Set the session cookie parameters before you start your session.

session_set_cookie_params(0);
session_start();

Zero means "until the browser is closed".

This solution would be my personal "best" way of doing it, because you can control it per PHP-script, instead of site-wide. Also, it is clear from the PHP code, instead of relying on server-dependent settings.

Auto logout if browser is closed

1 Answers1