Removing users session from mysql table if they click close on browser

Question

I have a descent set up going for a user logging in and theres a session time() and a few other things added to a table.

The issue i have is that when the user closes the browser it dosent delete the session from the mysql table.

From the users perspective its fine because they have to login again when they open the browser.

But for the super-users dashboard it still shows the user is logged in if they close the browser.

I did have a look at the close browser alert javascript code but i would rather find a way doing it without that.

I then thought maybe a cron script but that could log a user out unless i was updating the time() each time they clicked another page. Is that the only way?

Answer 1

I wouldn't trust the browser telling you it was closing.

The only way is to do it on the server.

Try recording the current time against the session every time it gets validated - this will be the sessions last access time.

Then you can remove all sessions that exceed some time period you've decided on. You can either do this via a cron job, or add it to the session validation code and every user can help keep the table tidy.

Answer 2

can your database not have a "isLoggedIn" column. Can it just have a "lastActivityTime" column. The user is logged out if currentTime - lastActivityTime < loggedOutTime