How to destroy session with browser closing in codeigniter

Recently I have developed a web application with codeigniter. I am facing a session related problem there badly.

Problem scenario:

If user A logged into the application then the user id set in session. After doing task user A closed his browser and leave the computer. A little while later user B came and open browser and see the application was in logged in state. or when user B write down the url and press enter it directly redirected into the application without any authentication by using the previous session.

I used the following configuration for session:

$config['sess_cookie_name']     = 'ci_session';
$config['sess_expiration']      = 1800;
$config['sess_expire_on_close'] = FALSE;
$config['sess_encrypt_cookie']  = FALSE;
$config['sess_use_database']    = FALSE;
$config['sess_table_name']      = 'ci_sessions';
$config['sess_match_ip']        = FALSE;
$config['sess_match_useragent'] = TRUE;
$config['sess_time_to_update']  = 300;

Now my question is how can i destroy all the session with closing browser or browser tab in codeigniter?

Here is Solutions:

We have many solutions to this problem, But we recommend you to use the first solution because it is tested & true solution that will 100% work for you.

Solution 1

Edit the config.php file and set sess_expire_on_close to true.

e.g

$config['sess_expire_on_close'] = TRUE;

Solution 2

You can use javascript and asynchron request.
When you close the window, the handler of window.onunload is called

var unloadHandler = function(e){
        //here ajax request to close session
  };
window.unload = unloadHandler;

To solve the problem of redirection, php side you can use a counter

  class someController  extends Controller {

   public function methodWithRedirection(){

        $this->session->set_userdata('isRedirection', 1);
        //here you can redirect  
   }
}
class homeController extends Controller{
   public function closeConnection(){
        $this->load->library('session');
        if($this->session->userdata('isRedirection')!== 1){
            //destroy session
         }
      }
   }  

Solution 3

Add a logout button.

Have that button destroy the session with CI’s built in destroy function.

$this->session->sess_destroy();

Solution 4

Have a look at this, and see if this helps.

https://github.com/EllisLab/CodeIgniter/wiki/PK-Session

Solution 5

Well, I don’t know if you already had the solution, but I found myself in the same scenario in CodeIgniter version 3.0. In config.php, go to Session Variables section and you can set:

$config['sess_expiration'] = 0;

sess_expiration: The number of seconds you would like the session to last. If you would like a non-expiring session (until browser is closed) set the value to zero: 0

Solution 6

in $config.php file

change  $config['sess_expiration'] = 7200;

to

$config['sess_expiration'] = 0;

Solution 7

Simply set sess_expiration =0 in application/config/config.php file
as stated in Codeigniter documentation

Solution 8

Open the general config file application/config/config.php, search for $config[‘sess_expiration’]

change

$config['sess_expiration'] = 7200;

to

$config['sess_expiration'] = -1;

Solution 9

for CI-3.0.4 locate the items below inside “config.php” and set accordingly

$config['sess_expiration'] = -1;
$config['sess_time_to_update'] = -1;

Solution 10

I use this way. Can this help you?

Change

$config['sess_expiration'] = 7200;

The result of above code is :

How to destroy session with browser closing in codeigniter

To

$config['sess_expiration'] = time() + 7200;

And the result of changed line is :

How to destroy session with browser closing in codeigniter

Now, if you close the browser window, the session will be deleted automatically.

Note: Use and implement solution 1 because this method fully tested our system.
Thank you 🙂

All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply