Destroy or unset session when user close the browser without clicking on logout
You can set an expiration time for the session data, test it with each session_start
call and destroy the session if it’s expired:
session_start();
if (!isset($_SESSION['EXPIRES']) || $_SESSION['EXPIRES'] < time()+3600) {
session_destroy();
$_SESSION = array();
}
$_SESSION['EXPIRES'] = time() + 3600;
PHP session destroy on closing the browser
Assuming you are using cookie-based sessions, set the timeout very aggressively.
http://www.php.net/manual/en/session.configuration.php#ini.session.cookie-lifetime
You could also hook into the browser's unload event via JavaScript, and trigger a quick AJAX-request to your server that destroys the session.
http://eureka.ykyuen.info/2011/02/22/jquery-javascript-capture-the-browser-or-tab-closed-event/
I wouldn't rely on this client-side implementation, though - if the browser crashes, or the user force-closes it, that may not trigger the event. The browser itself may also limit how long it will give an onunload
event to complete, in consideration of the user. A combination of these two methods would probably be the most effective.
PHP - Session destroy after closing browser
The best way is to close the session is: if there is no response for that session after particular interval of time. then close. Please see this post and I hope it will resolve the issue. "How to change the session timeout in PHP?"
After session destroy or close browser tab or close browser execute logout using Laravel 5.2
The server does not know if the user has closed the browser window. You need to detect this event via javascript on the client side and notify the server manually.
See this answer: javascript detect browser close tab/close browser
Best way to completely destroy a session - even if the browser is not closed
According to the manual, there's more to do:
In order to kill the session altogether, like to log the user out, the session id must also be unset. If a cookie is used to propagate the session id (default behavior), then the session cookie must be deleted. setcookie() may be used for that.
The manual link has a full working example on how to do that. Stolen from there:
<?php
// Initialize the session.
// If you are using session_name("something"), don't forget it now!
session_start();
// Unset all of the session variables.
$_SESSION = array();
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
// Finally, destroy the session.
session_destroy();
?>
Destroy PHP Session on closing
if you use:
session_set_cookie_params(0);
session_start();
Your session cookie will destroy when the browser is closed... so your session will be good until they close the browser. IE. You login, and you are logged in, you close the browser, re-open it, go to the site again, and you wont be logged in.
Related Topics
PHP Include Error Not Findind the Path
How to Build a JSON Array from MySQL Database
PHP Check Whether Property Exists in Object or Class
Destroy or Unset Session When User Close the Browser Without Clicking on Logout
Laravel: How to Change the Default Auth Password Field Name
Use a Variable to Define a PHP Function
Sorting Laravel Collection via Array of Id'S
How to Get the Value After the Hash in "Somepage.Php#Name"
How to Get Client Ip Address in Laravel 5+
How to Dynamically Write a PHP Object Property Name
Difference Between Array_Map, Array_Walk and Array_Filter
How to Get Ruby Syntax Highlighting in PHPstorm
Storing Form Data as a Session Variable
Destroy PHP Session on Closing
How to Use Pdo's Prepared Statement for Order by and Limit Clauses