Jacques wrote: > How can I destroy the session object for a particular user when that user > leaves my web site without properly signing out? > > Jacques The most important part of this is "garbage collection." You can't really know for 100% sure that a user has left without properly signing out, but there are several things you can do to mitigate the problem: - Only set session cookies (i.e. browser should destroy the cookie when the browser is closed) - Modify the following php.ini directives in a way that fits you: - http://php.net/manual/en/ref.session.php#ini.session.gc-probability - (also look at the next several gc_* entries) -- Teach a man to fish... NEW? | http://www.catb.org/~esr/faqs/smart-questions.html STFA | http://marc.theaimsgroup.com/?l=php-general&w=2 STFM | http://php.net/manual/en/index.php STFW | http://www.google.com/search?q=php LAZY | http://mycroft.mozdev.org/download.html?name=PHP&submitform=Find+search+plugins
Attachment:
signature.asc
Description: OpenPGP digital signature
