问题
Let's suppose I have a sign-in form. When I sign in successfully I am redirected to the logged in home page. Currently, when I close this page without signing out, and re-open Firefox, this logged in home page is started again.
I want it so that when the user closes their browser the session is the session is expired and when they next open Firefox the logged-in home page isn't displayed.
I think session will be used for this, but I don't know how I can set a time or even make it so that when Firefox closes the closes session get destroyed.
回答1:
You want the session cookie to have an expire time of 0 - see:
http://php.net/manual/en/function.setcookie.php
http://docs.php.net/manual/en/session.configuration.php#ini.session.cookie-lifetime
回答2:
Set your session timeout to 15 minutes, this should do the job. You cannot catch the "close browser" or "close tab" event for sure (no javascript enabled, browser just crashes, etc), so you shouldn't go for that.
Check Felix' post for additional information where to set the session timeout exactly.
回答3:
Pardon me if I am stepping on toes as non-server HTML programmer, but could you check to see if the browser already has a cookie from a previous session? Even if the answer is yes, if it is a new session, force an authentication?
Just a thought.
来源:https://stackoverflow.com/questions/2171821/how-do-i-make-my-site-automatically-sign-out-a-user-when-they-close-their-browse