PHP - Session destroy after closing browser

前端 未结 9 1408
陌清茗
陌清茗 2020-11-27 07:43

Though this question has multiple duplicates i could not find proper solution for me. Need Some help.

I have used ini_set(\'session.cookie_lifetime\', 0);

相关标签:
9条回答
  • 2020-11-27 08:20

    There's one more "hack" by using HTTP Referer (we asume that browser window was closed current referer's domain name and curent page's domain name do not match):

    session_start();
    $_SESSION['somevariable'] = 'somevalue';
    
    if(parse_url($_SERVER["HTTP_REFERER"], PHP_URL_HOST) != $_SERVER["SERVER_NAME"]){
        session_destroy();
    }
    

    This also has some drawbacks, but it helped me few times.

    0 讨论(0)
  • 2020-11-27 08:23

    If you want to change the session id on each log in, make sure to use session_regenerate_id(true) during the log in process.

    <?php
    session_start();
    session_regenerate_id(true);
    ?> 
    
    0 讨论(0)
  • 2020-11-27 08:27

    Use a keep alive.

    On login:

    session_start();
    $_SESSION['last_action'] = time();
    

    An ajax call every few (eg 20) seconds:

    windows.setInterval(keepAliveCall, 20000);
    

    Server side keepalive.php:

    session_start();
    $_SESSION['last_action'] = time();
    

    On every other action:

    session_start();
    if ($_SESSION['last_action'] < time() - 30 /* be a little tolerant here */) {
      // destroy the session and quit
    }
    
    0 讨论(0)
提交回复
热议问题