Auto Logout if user closes Browser ? Is it possible?

Hi Masters,

I have a FOOTER.PHP in which the Site’s stats are shown. Line number of total member and no of online members. To maintina this, the User MUST be LOGIN and LOGOUT as well. As far as LOGOUT is conceren, usually, People do not Logout properly, they just close the browser. Therefore actually they are not ONLINE at the SITE but in the Site’s Stats they are shown as ONLINE.

What I want to know is that IS it possible that whenever a user closes the browser prior to the Logout, THROUGH SOME WAY THEY LOGOUT FROM THE SITE ???

Please give your expert advices. Thanks a Million

You might consider in your DB to add a field for the session id. When members log in it sets the field to their session id.

When your page footer loads, it runs a script that does a glob() for files in the session folder, all the files should be the same as the name of the session id.

Next, I would compare the file names from the glob() to the session id’s stored in the database, if a glob file matches the session id entry in the database, then you know the user is still online, if not, the user is offline. You can also take the total number of glob() session files and subtract them from the number of sessions id’s that are matched in the database to determine the total number of guests that are online.

Btw, when a user closes the browser it kills the session. However, from a few tests after closing a browser on some servers, with differing settings, the temporary session file is not instantly deleted. Thus, I suppose the server has a cron job running in the background that does the house cleaning on sessions that are no longer persistant.

The short answer is no.
HTTP is stateless, so each time you load a page, the browser establishes a connection to the server and closes it again. It is not untill the next time that the user request a page, that the connection is reopened. For example, if you load a page, and then disconnect from the internet (like turn off your modem), you’ll still be able to view the page. It’s not until you click a link, that the browser will fail.
The consequences are that a server has no way of knowing if a request was the last or not. The way servers handle it is y setting a timeout. For php it’s by default 1440 seconds, after which the session is discarded. The other option is to explicitly delete the session. You’ll have to make an explicit request to do this - closing the browser won’t do it. So your best option is really to make a “logout” link which your user may click. Within this page, call [fphp]session_destroy[/fphp].

Of course there is a trik, but it’s rather unreliable. Basically it involves some javascripting (aka ajax), but as I said it’s unreliable so I wouldn’t bother.

The way such an “online users” script normally work is by logging each time a user requests a page, and then simply counting the number of users, who have been active within the last couple of minutes. It’s a cheat, but it’s the only way.

and what about holmescreek 's suggestion how to use that particularly glob() ??? i have never heared that. Hey Holmescreek could u please give me some more details or Better u can provide a example (a simple one) plz

can we make use of SESSION TIMEOUT in this regard ???

That is pretty much correct. The session.gc_* ini options effect the garbage collections of closed sessions.

Those ini options are explained in Session Handling.

so Should i understand that there is NO WAY FOR BROWSER CLOSE = LOGOUT USER ???

There is a JavaScript function onClose (or something similar) which is called when the browser is closed. You could use this to call a script which logs out the user.

Edit: I think it is used in the body tag <body onClose=“javascript.function()”>

can any one give me an example ? of such javascript functtions

I am no javascript expert - however, I think this is what you should do:

have the script:

<script type="text/javascript">
function sessionClose()
- do session close stuff

and then in the body tag

<body onClose="sessionClose()">

I have noooo idea how to do the javascript stuff, but the above should get you started

SO is here any one who can provide me a simple workable code for this ??? I hope there is some one…hey what about you mrwooster ???

The simple example that mrwooster posted should work fine with the exception that I would use onunload rather than onclose to call your function.


As I spent a long time working on a scipt to logout users after 20 minutes of inactivity…

This works by having a script which is run everytime that all the pages are refreshed.

I used some extra coloumns in the database to log the users last time that they went on a page, and then compare that to the current time each time a page is loaded by using include()

This is my php code for onlinecheck.php

$res = mysql_query("SELECT timecheck FROM users WHERE username = '".$_SESSION['username']."'");
$timech = mysql_result($res, 0, 0);
$timecheck = time() - $timech;
$time = time();

if($timecheck > 1200) {
	header ("location: logout.php");
	$res = mysql_query("UPDATE users SET timecheck = '".$time."' WHERE username = '".$_SESSION['username']."'");

$sql = mysql_query("SELECT id FROM users WHERE username = '".$_SESSION['username']."'");
$UserID = mysql_result($sql, 0, 0);
$res = mysql_query("SELECT LastUpdate FROM tblSessions WHERE UserID = $UserID");
$LastUpdate = mysql_result($res, 0, 0);
$Difference = time() - $LastUpdate;

if (!$LastUpdate) {
	if ($Difference > 2000) {
		header("Location: logout.php");

$UpdateDiff = mysql_query("UPDATE tblSessions SET TimeDifference = '".$Difference."' WHERE UserID = $UserID");
$UpdateTime = mysql_query("UPDATE tblSessions SET LastUpdate = '".time()."' WHERE UserID = $UserID");

$sql = mysql_query("SELECT * FROM tblSessions WHERE LastUpdate < '".time()."'");

if (mysql_num_rows($sql) == 0) {
	//do nothing
	while($aOffUser = mysql_fetch_array($sql)) {
		$Difference = time() - $aOffUser['LastUpdate'];
		$UpdateDiff = mysql_query("UPDATE tblSessions SET TimeDifference = '".$Difference."' WHERE UserID = '".$aOffUser['UserID']."'");
		$res = mysql_query("SELECT * FROM tblSessions WHERE TimeDifference >= 2000");
		if (mysql_num_rows($res) == 0) {
			//do nothing
			while ($aUser = mysql_fetch_array($res)) {
				$SetUserOffline = mysql_query("UPDATE users SET useron = 0 WHERE id = '".$aUser['UserID']."'");
				$DeleteRow = mysql_query("DELETE FROM tblSessions WHERE UserID = '".$aUser['UserID']."'");


I hope you can make some sence from that, if you need any explaining then just ask :slight_smile:

Good luck,

try setting the session.cookie_lifetime to 0…which basically will keep the session active until the browser is closed

Quote from

session.cookie_lifetime specifies the lifetime of the cookie in seconds which is sent to the browser. The value 0 means “until the browser is closed.” Defaults to 0. See also session_get_cookie_params() and session_set_cookie_params().

Based on the above, you might also have to set the session_set_cookie_params to 0 as well.

hope this works for you…cheers.