Recently I have developed a web application with codeigniter. I am facing a session related problem there badly.
Problem scenario:
If user A logged into the application then the user id set in session. After doing task user A closed his browser and leave the computer. A little while later user B came and open browser and see the application was in logged in state. or when user B write down the url and press enter it directly redirected into the application without any authentication by using the previous session.
I used the following configuration for session:
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 1800;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie'] = FALSE;
$config['sess_use_database'] = FALSE;
$config['sess_table_name'] = 'ci_sessions';
$config['sess_match_ip'] = FALSE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update'] = 300;
Now my question is how can i destroy all the session with closing browser or browser tab in codeigniter?
Edit the config.php
file and set sess_expire_on_close
to true
.
e.g
$config['sess_expire_on_close'] = TRUE;
You can use javascript and asynchron request. When you close the window, the handler of window.onunload is called
var unloadHandler = function(e){
//here ajax request to close session
};
window.unload = unloadHandler;
To solve the problem of redirection, php side you can use a counter
class someController extends Controller {
public function methodWithRedirection(){
$this->session->set_userdata('isRedirection', 1);
//here you can redirect
}
}
class homeController extends Controller{
public function closeConnection(){
$this->load->library('session');
if($this->session->userdata('isRedirection')!== 1){
//destroy session
}
}
}
Add a logout button.
Have that button destroy the session with CI's built in destroy function.
$this->session->sess_destroy();
Have a look at this, and see if this helps.
https://github.com/EllisLab/CodeIgniter/wiki/PK-Session
Well, I don't know if you already had the solution, but I found myself in the same scenario in CodeIgniter version 3.0. In config.php
, go to Session Variables
section and you can set:
$config['sess_expiration'] = 0;
sess_expiration: The number of seconds you would like the session to last. If you would like a non-expiring session (until browser is closed) set the value to zero: 0
in $config.php file
change $config['sess_expiration'] = 7200;
to
$config['sess_expiration'] = 0;
Simply set sess_expiration =0
in application/config/config.php
file
as stated in Codeigniter documentation
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With