Destroy PHP session on page leaving

Question

I need to destroy a session when user leave from a particular page. I use session_destroy() on the end of the page but its not feasible for me because my page has pagination. My page is: abc.php?page=1 or abc.php?page=2 or abc.php?page=3.

So, I need to destroy a session when a user leaves from abc.php page. How can I do it without using a cookie?

Answer 1

Doing something when the user navigates away from a page is the wrong approach because you don't know if the user will navigate to a whole different page (say contact.php for the sake of the argument) or he/she will just go to the next page of abc.php and, as Borealid pointed out, you can't do it without JS. Instead, you could simply add a check and see if the user comes from abc.php:

First, in your abc.php file set a unique variable in the $_SESSION array which will act as a mark that the user has been on this page:

$_SESSION['previous'] = basename($_SERVER['PHP_SELF']);

Then, add this on all pages, before any output to check if the user is coming from abc.php:

if (isset($_SESSION['previous'])) {
   if (basename($_SERVER['PHP_SELF']) != $_SESSION['previous']) {
        session_destroy();
        ### or alternatively, you can use this for specific variables:
        ### unset($_SESSION['varname']);
   }
}

This way you will destroy the session (or specific variables) only if the user is coming from abc.php and the current page is a different one.

I hope I was able to clearly explain this.

Answer 2

To trigger when the user actually leaves the page, you must use Javascript to send an asynchronous request back to the server. There's no way for the server to magically know the user has "left" a page.

See http://hideit.siteexperts.com/forums/viewConverse.asp?d_id=20684&Sort=0 .

Answer 3

I had a similar issue but mine was on a page reload I wanted variables that I had printed to be destroyed. It was for my login for my web design class I was making error feed back for if user put in a bad username or password. I could get the error to display but if I hit refresh page they errors would just stay there. I found that by just setting the variable to nothing after it printed would kill it. Take a look at what i did:

<p>To access my website please Login:</p>
<form name='login' action="./PHP_html/PHP/login.php" method='post'>
Username: <input type='text' name='username' /><div><?php print $_SESSION['baduser']; $_SESSION['baduser'] = "";?></div><br />
<div style="padding-left: 4px">Password: <input type='password' name='password' /><div><?php print $_SESSION['badpass']; $_SESSION['badpass'] = "";?></div></div>
<input type='submit' value='Login' /> or you can <a href="./Terms.php">Register</a>

I don't know if this helps at all but it worked for me.

Also, thanks to all you that post on sites like this to help those of us who are still learning.