Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
January 23, 2007, 8:43 pm
rate this thread
Referring to: http://nl2.php.net/sessions
If the session is stored in a cookie, usually it _should_ be deleted when
the browser closes, at least with the default setting for
session.cookie_lifetime at '0'. However, as the browser may choose to
either accept or decline cookies, it also has the last say in how long it
will store a cookie. It might be deleted on closing, it might be kept for
all eternity. Usually that should not be a problem, as the data belonging
to the session should time out (see the session.gc_maxlifetime directive)
after a while if it isn't used.
You can offer users a method to logout to destroy the session immediately,
but unfortunately, very few visitors use that option.