Closing the browser sends nothing to the webserver and with most webservers, the server has forgotten that you were ever there. When using sessions, you connect your browser and request a page, and that request is accompanied with a session key that is stored in a cookie on the browser machine by domain. PHP takes it on faith that IF this cookie comes with the request, it should match a session datastore, and it looks, and if it finds one, it uses that session when the session_start() function is called (now it remembers you, so to speak). As the script wraps up the session datastore is updated with any new session data, using a probability factor set in php.ini, it may do some extra processing to cleanup old "expired" sessions. Since the page has already been transmitted in it's entirety to the browser, and the browser should now be working to render the page, this extra process should have no noticeable impact on the user experience. This "Garbage Cleanup" routine will scan the entire datastore looking for session records that are older than allowed by another php.ini parameter (gc_maxlifetime), and removes them (gc stands for Garbage Cleanup). Keep in mind that this garbage collection will probably not remove the session that pertain to the browser that triggers the cleanup, but rather it will remove session records for other sessions that have not been referenced for a while. In php you can write your own session management handler routines and attach them to your php process. Check out some of the following; http://us4.php.net/manual/en/ref.session.php http://us4.php.net/manual/en/function.session-set-save-handler.php Studying these routines can teach you a lot about how sessions work. If you can get your users to log out instead of closing their browser, you have a chance to execute a script that will then kill a session and that usually removes an individual session data record. HTH, Warren Vail > -----Original Message----- > From: Philip Thompson [mailto:prthomp@xxxxxxxx] > Sent: Thursday, December 23, 2004 12:45 PM > To: php-general@xxxxxxxxxxxxx > Subject: Destroying session data > > > Hi all. > > I have multiple pages on a website that uses sessions ($_SESSION) to > store the data. However, I noticed that in the C:\Windows\Temp > directory, all the session variables/data files are stored there from > previous (and current) sessions. > > My question is: when the session is "logged out" or ended > (via closing > the browser or however), should these data files (which look like > sess_fd983aedf93ceeioa8332890bcd, etc) not be destroyed? If not, is > there a way to automatically destroy them because I don't > want to have > to go in each day/week/month and delete these session data files > manually? Are these data files considered to be cookies? > > Just to clarify, I know how to destroy session variables... I want to > know how to destroy the files that contain those variables after > they're no longer being used. I have RTFM and I can't seem to > find the > answer. > > Thanks in advance, > ~Philip > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
