How to delete session cookie on browser close, or optionally detect and force "new" session for a returning user. I want to prevent storing session cookies by "session managers" like addons in firefox and such.
Asked
Active
Viewed 8,959 times
1
-
is this for a server-side application or are you referring to 3rd-party cookies? – bcosca Nov 05 '10 at 10:50
-
it's for server-side application – Beiru Nov 05 '10 at 11:01
4 Answers
2
I guess you could use this :
session_set_cookie_params(0);
session_start();
Community
- 1
- 1
abhijitrucks
- 21
- 2
0
Session manager are designed to save session cookie : I don't think you can prevent their behavior.
However, you can set your php configuration to have a non-used session garbage collected really fast : Then the session, after a few amount of time (basically, 1 hour), will be invalidate. See the session.gc_maxlifetime parameter.
blue112
- 52,634
- 3
- 45
- 54
0
fortunately a website can't force anything to happen on the clients machine. if you don't want to rely on the browsers cookie-management and those addons, one way would be to not use cookies for sessions and use the good old session-id get parameter instread (or, alternatively, set the session-lifetime to something like 1 or 2 hours, but this isn't exactly what you wanted)
oezi
- 51,017
- 10
- 98
- 115
0
I don't think you'll be successful on this route.
If you need to log out the user so quickly, consider using a very short session lifetime (like, one minute) and keeping the session alive using a JavaScript setInterval or an iframe that refreshes itself every thirty seconds.
Pekka
- 442,112
- 142
- 972
- 1,088