9three Posted January 31, 2009 Share Posted January 31, 2009 Hey, I'm using sessions for a log in. What I'm noticing though is that when I close the browser, the session does not destroy it self. I want the log in page to appear again if the browser is closed for security purposes. I'm just using a basic session nothing complex: $_SESSION['username'] = $username; $_SESSION['user_agent'] = 1; header('Location: index.php'); Link to comment https://forums.phpfreaks.com/topic/143215-solved-sessions-destroying-when-browser-closes/ Share on other sites More sharing options...
Lodius2000 Posted January 31, 2009 Share Posted January 31, 2009 are you using cookies? are you closing the browser window, or quitting the program? if closing the window, is it a firefox tab, sessions persist from tab to tab in 1 firefox window Link to comment https://forums.phpfreaks.com/topic/143215-solved-sessions-destroying-when-browser-closes/#findComment-751089 Share on other sites More sharing options...
9three Posted January 31, 2009 Author Share Posted January 31, 2009 No only sessions. And I close firefox completely. Link to comment https://forums.phpfreaks.com/topic/143215-solved-sessions-destroying-when-browser-closes/#findComment-751098 Share on other sites More sharing options...
uniflare Posted January 31, 2009 Share Posted January 31, 2009 try using this: setcookie("PHPSESSID",session_id(),null); This will work as long as you are using cookies for the sessions (if u dont see phpsessid=f849fh49h8f084 in every URL on ur site then ur using cookies). The cookie function when no argument is passed to the time part (null above), the cookie is usually destroyed upon browser exit. Hope this helps; EDIT: There is a php ini variable that is responsible for controlling the time a php session cookie remains intact. i believe: session.cookielifetime or similar. Link to comment https://forums.phpfreaks.com/topic/143215-solved-sessions-destroying-when-browser-closes/#findComment-751115 Share on other sites More sharing options...
9three Posted January 31, 2009 Author Share Posted January 31, 2009 Are there any security issues using cookies that I should watch out for? I've always used sessions for log ins. Hmm one more thing, I'm also using session regenerate id. Would that cause the trouble I am going through? Link to comment https://forums.phpfreaks.com/topic/143215-solved-sessions-destroying-when-browser-closes/#findComment-751118 Share on other sites More sharing options...
uniflare Posted January 31, 2009 Share Posted January 31, 2009 By default, sessions use cookies to store the "Session Identifier Key", in a cookie called PHPSESSID. IF you dont use sessions, you must pass the Session Identifier Via the URL, in the form of: http://www.web.com/index.php?phpsessid=a8b087ef087cb087a234 --- Cookies are as secure as form data, users can create.modify and delete cookies willingly, put whatever they want inside of them. As long as you properly "sanitise" the data coming from the cookie your script should be fine. Hope this helps, Link to comment https://forums.phpfreaks.com/topic/143215-solved-sessions-destroying-when-browser-closes/#findComment-751121 Share on other sites More sharing options...
9three Posted January 31, 2009 Author Share Posted January 31, 2009 That's weird, it's not doing it any more and I haven't changed anything. Weird. thanks the info. Link to comment https://forums.phpfreaks.com/topic/143215-solved-sessions-destroying-when-browser-closes/#findComment-751142 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.