Unset Session When browser tab is closed
Session Cookies are usually sent without an expire time which means they are deleted when the browser is closed, so the session is lost anyway.
1) Destroy or unset session when user close the browser without clicking on logout
You can set an expiration time for the session data, test it with each session_start call and destroy the session if it’s expired:
session_start();
if (!isset($_SESSION['EXPIRES']) || $_SESSION['EXPIRES'] < time()+3600) {
session_destroy();
$_SESSION = array();
}
$_SESSION['EXPIRES'] = time() + 3600;
2) destroy session when broswer tab closed
implement a session timeout with own method. Use a simple time stamp that denotes the time of the last request and update it with every request:
You need to code something similar to this
if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 1800)) {
// request 30 minates ago
session_destroy();
session_unset();
}
$_SESSION['LAST_ACTIVITY'] = time(); // update last activity time
3) How to change the session timeout in PHP?
session_start(); // ready to go!
$now = time();
if (isset($_SESSION['discard_after']) && $now > $_SESSION['discard_after']) {
// this session has worn out its welcome; kill it and start a brand new one
session_unset();
session_destroy();
session_start();
}
// either new or old, it should live at most for another hour
$_SESSION['discard_after'] = $now + 3600;
4) The unload event is sent to the window element when the user navigates away from the page. This could mean one of many things. The user could have clicked on a link to leave the page, or typed in a new URL in the address bar. The forward and back buttons will trigger the event. Closing the browser window will cause the event to be triggered. Even a page reload will first create an unload event.
$( window ).unload(function() {
//use ajax to call another page to session_destroy();
});
Question is: What if the user has two or more tabs open on your site? If they close one tab, the other one would effectively be logged out.
How to clear session on closing the browser tab?
Browsers only destroy session cookies when the entire browser process is exited. There is no reliable method to determine if/when a user has closed a tab. There is an onbeforeunload
handler you can attach to, and hopefully manage to make an ajax call to the server to say the tab's closing, but it's not reliable.
And what if the user has two or more tables open on your site? If they close one tab, the other one would effectively be logged out, even though the user fully intended to keep on using your site.
by : Marc b
Session Destroy when one browser tab gets closed
Due to the nature of the client/server model there is no easy way to do what you want. If the user may stay idle for a while after loading your page, he can also close the tab and open it again. You have no control of what the clients do in the client side. There are simple javascript methods to do this such as the unload event, but they are not reliable and often don't work.
You may use websockets to ensure the client is always connected or do several ajax requests in the background and keep a timeout of a few seconds in your session, but those methods will disconnect the user if his internet connection drops even for a few moments.
After session destroy or close browser tab or close browser execute logout using Laravel 5.2
The server does not know if the user has closed the browser window. You need to detect this event via javascript on the client side and notify the server manually.
See this answer: javascript detect browser close tab/close browser
How to kill session on browser tab or browser close in js?
The nature of http is stateless, so there's no way to differentiate between closing tab and page refresh.
If what you are trying to achieve is to prevent cases where users forgot to logout (destroying the session themselves) after using your web, what you could do is to have a short-lived session (10 minutes for instance) and reset the the session life back to 10 minutes every time the user does something. If the user is inactive for 10 minutes, the session would expires by itself.
Related Topics
Post to a Facebook Page Without "Manage_Pages" Permission Using PHP
How to Create Codeigniter Language Files from Database
Mysqli_Stmt::Execute() Expects Exactly 0 Parameters, 1 Given
Avoid Public Folder of Laravel and Open Directly the Root in Web Server
Laravel No Supported Encrypter Found. the Cipher And/Or Key Length Are Invalid
Create an Order Programmatically with Line Items in Woocommerce 3+
Laravel 5 Hasmany Relationship on Two Columns
How Is Testing the Registry Pattern or Singleton Hard in PHP
Reverse Geocoding with Google Map API and PHP to Get Nearest Location Using Lat,Long Coordinates
Fatal Error: Call to Undefined Function SQLsrv_Connect() in C:\Xampp\Htdocs
How to Avoid Code Repetition with PHP SQL Prepared Statements
Codeigniter Sessions Not Working After Migration
How to Remove the Leading Character from a String
PHP Cli Getting Input from User and Then Dumping into Variable Possible
How to Create a Twig Custom Tag That Executes a Callback
Downloading Attachments to Directory with Imap in PHP, Randomly Works