Roger Varley wrote:
> I'm sure that I've read that it's possible, using Javascript, to
> detect if a client closes the browser & if that's true, then you could
> use an AJAX call to invalidate the session.

This is possible, but you can't bet on it actually working. The user
might have javascript disabled, or the browser may not fire javascript
events as it's closing itself entirely (instead of just closing one
window, for instance).

Basically, the only reliable way to destroy a session is to wait for it
to time out (unless the user explicitly logs out, of course).


I would not disagree with this. However, you have to suspect that the
majority of clients don't have Javascript turned off, otherwise Ajax
wouldn't be the current favourite technology. :-)

Regards
Roger

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to