Session not getting cleared in Yii

Question

I have a strange problem. I have a web application build in Yii.

Whenever i logout from the application the user is returned to the home page. However if i refresh the page. the user is logged in again.

Here is config file

'session' => array(
       'class'=>'CDbHttpSession',
        'timeout'=>$params['session_timeout'],
        'autoStart'=>true,
    ),

and here is my logout code

    Yii::app()->session->clear();
    Yii::app()->session->destroy();
    Yii::app()->cache->flush();
    Yii::app()->user->logout();

Recently i noticed a file called session-1.1.8 in the runtime folder. it is not getting deleted at time of logout. how ever if i delete it manually,then user is logged out permanently.

So my Question is

1)Is there anything i am doing wrong here?

2)What is this "session-1.1.8" file ?

3)How can i logout permanently?

Answer 1

I use this set and get very good:

'cache'=>array(
   'class' => 'CFileCache', 
),

'session' => array(
   'class' => 'CDbHttpSession',
   'timeout' => 60*60*24*30*12*5, 
),  

60*60*24*30*12*5 = 60 seconds, 60 minutes, 24 hours, 30 days, 12 monts, 5 years

Answer 2

From Yii docs:

By default, it will use an SQLite3 database named 'session-YiiVersion.db' under the application runtime directory. You can also specify connectionID so that it makes use of a DB application component to access database.

Thats were the file is comming from, try using your own db component and that should fixit.

Yii::app()->user->logout(); already calls Yii::app()->getSession()->destroy();so you don't need to do it manually.