Your application/session will never get any information whether the user
closes his browser or a tab!
Even the lifetime of the session cookie is depending on which browser the
user is on and if any other
window is open. So the only solution would be polling some "watchdog.php"
using a XMLHttpRequ
So i would like to have it well done as following :
1. if user close the browser : session is destroyed and user is redirected
to main HTTPS page (the login one)
2. if user close the TAB in which the web application worked, the session
data (so cookies if i understood well) should be destroyed to
If you set the session timeout to 0, then it dies when the browser is
quit.
On Wed, March 21, 2007 12:37 pm, Alain Roger wrote:
> Hi,
>
> I would like to know what is the best solution for my problem.
>
> When a user is connected to a https page and a session is open, if
> user
> close his browser
On Mar 22, 2007, at 11:52 PM, Travis Doherty wrote:
Juergen Wind wrote:
Travis Doherty wrote:
By default the session cookie expires when the browseris closed.
this is not always true: f.e. FF requires *all* open windows to be
closed to
forget that session.
Personally I think this do
Juergen Wind wrote:
>Travis Doherty wrote:
>
>
>>By default the session cookie expires when the browseris closed.
>>
>>
>this is not always true: f.e. FF requires *all* open windows to be closed to
>forget that session.
>
>
Personally I think this does make sense. I fully expect the brows
Also, on a daily basis last week after a windows update glitch... I had to
kill rogue IE processes after it was closed, which I found kept some of my
users logged in, which was fun...
>
> Travis Doherty wrote:
> > By default the session cookie expires when the browseris closed.
> this is not alwa
Travis Doherty wrote:
> By default the session cookie expires when the browseris closed.
this is not always true: f.e. FF requires *all* open windows to be closed to
forget that session.
>If the browser refuses the cookie, sessions won't work anyway.
again: this is not always true. Only if "se
Alain Roger wrote:
> Hi Brad,
>
> yes this is one possibility, but since i use https, i should not be
> afraid
> by storing data in $_SESSION variables.
Just a note that while SSL may help to protect the session id from being
packet sniffed you should still be concerned about storing sensitive
d
Alain Roger wrote:
> Hi,
>
> I would like to know what is the best solution for my problem.
>
> When a user is connected to a https page and a session is open, if user
> close his browser, the session ID is still active in the browser
> "history".
> It means that next time when user will start his
Hi Brad,
yes this is one possibility, but since i use https, i should not be afraid
by storing data in $_SESSION variables.
So i see that solution as a heavy one.
Is there another possibility ?
thanks,
Al.
On 3/21/07, Brad Bonkoski <[EMAIL PROTECTED]> wrote:
Alain Roger wrote:
> Hi,
>
> I wo
Alain Roger wrote:
Hi,
I would like to know what is the best solution for my problem.
When a user is connected to a https page and a session is open, if user
close his browser, the session ID is still active in the browser
"history".
It means that next time when user will start his browser, th
11 matches
Mail list logo
