Sessions over when browser closes!

jonsof

How can i achive that?

For example when someone close his browser by accident or by desire then the session have to be cleared.

fredouille

it is not possible

BuzzLY

Cookies get cleared when you quit the browser. So... do this:

Set a cookie when you set the session. Whenever you load a page, check for the existence of the cookie. If it exists, then the session is fine. If not, then close the session and reopen it, setting the cookie in the process.

Be advised, this is all theory. It is up to you to try it out. Anyone have a practical example of this? I should think it would work... but obviously only with cookies that are set to expire when the browser closes.

Good Luck!

fredouille

where have you seen that cookie get deleted when the navigator is closed ?

jonsof

So then can i do something else.

For example if someone close the browser then the session value is deleted, is it?

Is this god for http authentication namely the script at the begenning checks the session variable if exists else execute the dynamically generated graphics, is this correct?

BuzzLY

fred, that is the nature of cookies. If you don't specify an expiration date, they expire when you close the browser. If you do specify an expiration date, then they will expire after the date you specify. The former is called a session cookie, and the latter is called a persistent cookie. Many sites use these to record your username and password so you don't have to log in every time you visit a site. However, if you have things that need to be stored only for as long as a site is being visited, such as shopping cart information, you should use cookies that expire when the browser closes.

I suggest you read this article, An Introduction to Cookies, to get better acquainted with them.

rebelo

A recent application I made used this sort of method. Basically, we had a check on everypage for $COOKIE['session_id'] and if it found the cookie, it would open the session related to that id. If it didn't find it, it would create a new session and set the new session id to the cookie. Every time a page is loaded, another session var $SESSION['page'] would set to the current page, so that users will return to the right section when they login if they were dropped (if they log out manually, then $_SESSION['page'] resets to the index page.

You would use the session_id() function for doing this stuff, so when the session is first created,
setcookie("session_id", session_id(), $time);

Where $time is the seconds you want the cookie to live. For this project, it was on a secure backend page so we used a month timeout.

Hope that helps.

BuzzLY

That's pretty cool, rebelo. It's similar to what I suggested, with the exception of the timeout. In jonsof's case, I suggest creating the cookie with the session_id, and always checking the cookie before accessing the session. He should create a session cookie (no timeout specified), so that when the browser is closed, the cookie dies. When the browser opens, the cookie is found to be missing when hitting the page, and the old session is closed, and a new session created. I think this is the functionality jonsof is looking for...

However, in this case, it seems a little redundant to create a session variable. If you want variables that are persistent, but die upon closing the browser, simply create cookies for those variables. Wouldn't that do what you wanted to do, jonsof? Or am I missing something?

jonsof

I am not allowed to use cookies!🙁🙁

So it doesn't matter but i would like to ask something unanswerable in my previous post

Is this god for http authentication namely the script at the begenning checks the session variable if exists else execute the dynamically generated graphics, is this correct?