Thats because php is more intuitive when it comes to sessions. In previous versions of php you were required to start and kill your sessions. That is no longer the case. It is far easier and more intuitive (not quite the right term but close) to do it php’s way. You can still start and stop sessions.
As for application start and end I an unsure as to what you refer to as php doesn’t support it. 
Hi Marcus,
thanks for your reply over the mail, and here I am, reviving an old thread.
With regards to your method below, I am still confused (I have a similar need as the thread starter). To summarise again, my application will write to the database each time the user log in and log out (to prevent multiple login). So, when the user closes the browser / leave the page, I would like it to write to the database; but not when he refresh the page.
What I have done is that, I have specified the unload and load method (I am using .net) in the aspx file as follows:
<body MS_POSITIONING=“GridLayout” onload=“setTimeout(‘myFunc()’, 20000)” onbeforeunload=“setTimeout(‘myFunc()’, 10000)”>
And I have the java script function as (just an example)
<script language=“javascript”>
function myFunc()
{
window.open(‘http://www.microsoft.com’);
}
</script>
It seems that after I left the page, the function myFunc is not executed. However, if I stay at the page, it’s being executed.
Do help to correct the mistakes that I made above. (not sure if I have the right thing by using client side scripting)
Thank you very much.
Rgds,
You want to log every time that a user goes to a different page? Even if it’s still within your site? Surely not! If you want that you only have to log on page load (which you can do in server-side script without the need for any client-side script).
You also mention logging in/out, so I shall assume that you actually want to log when the user logs out (again, easy using server-side script) or leaves the site. It is the “leaves the site” bit which is the problem.
You don’t say what server-side scripting language you are using, but if it is PHP, what you want to do isn’t possible, since PHP doesn’t seem to support a session expiry event (as you can see from the rest of the thread above, but perhaps it does support it and nobody’s said so). If it’s ASP, then simply add your logging code to the Session_OnEnd() event in GLOBAL.ASA.
My application uses frames, so, the url will be the same unless they navigate away from my site.
Our application is written using Microsoft .net.
As someone mentioned, I can also capture the information when the user logs out properly from my application, or when they close the browser. What I would like to achieve is, when the user leaves my site, I want to ‘automatically’ log off for him, otherwise, he can’t log on the next time (my application uses single log on).
So, I tried to use your method to set the session timeout in the load and unload message, but did not succeed. How can I achieve this? I just downloaded JSRS but can’t seem to figure out how to use. :bawling:
thanks.
Ok, so firstly, ignore JSRS.
Then add an onunload event to the framset page, which opens an external window, the URL of which is the logout page.
That’s it.
Ok, done that. But, the page will keep coming up even though i press the refresh button :xeye:
nakatakyo,
Have you considered setting an expires header on the document so that a reload would be a forced one (retrieves from server)? This would allow you to intercept the logout and note that the file request associated with it immediately follows, and take the appropriate action.
Of possible interest: postings by a user at another forum suggest that WinXP SP2 is closing a page much faster, interfering with some scripts that rely on onunload.
I found this script on the BBC website:
function bb(tsc){
var cookie = document.cookie;
var cookieArray = cookie.split('; ');
// Get timestamp stored in cookie
for (var loop=0; loop < cookieArray.length; loop++){
var nameValue = cookieArray[loop].split("=");
nameValue[0].toString();
if (nameValue[0].toString() == 'FP-TS'){
var cookieTime = nameValue[1];
}
}
//Get time stamp from js var formTime set in the tmpl
if (tsc){
var formTime = tsc
}
// Else check query string
else {
var url = document.location.toString();
var urlElements = url.split("?");
var queryStringElements = urlElements[1].split("&");
// Parse query string until we find tsc
for (var qsLoop=0; qsLoop < queryStringElements.length; qsLoop++){
var nameValuePair = queryStringElements[qsLoop].split("=");
if (nameValuePair[0] == "tsc"){
var formTime = nameValuePair[1];
}
}
}
formTime = parseInt(formTime);
cookieTime = parseInt(cookieTime);
//alert("formTime =" + formTime + " and cookieTime = " + cookieTime + "\
If cookieTime is higher, alert shows");
if (formTime < cookieTime){
alert ("Sorry, you've clicked your 'back' or 'refresh' button of your web browser.\
\
Please avoid these two buttons when filling in forms as they may wipe out information that you have already typed in.");
history.go(1);
}
return false;
}
LOL! yeah … it is what happens when making deep search at SE and finding buried, forgotten, interesting posts 
so time to respawn this …
Yeah ! i like that; in a website already built (PHP) , i have to define session expiration, so when pages load or member triggered ajax action happens, then the session timestamp gets updated;
A cronjob checks in shorter periods than the defined session expiration timeouts, the timestamps at sessions table, using a condition like :
if current_time - timeout_threshold > last_access_timestamp then run a logout operation (at server)
When member no longer will use site and logout, i want to know when a member uses the proper logout link, or simply uses close button, or maybe she cant use anything because browser, computer , whatever … crashed …
onunload is quite the answer to the issue of closing browser window, allowing to launch a fire and forget ajax action to make logout at server side …; but it is not the answer if wanting a member confirmation;
onbeforeunload would allow a better control, the problem is that it is also fired when member will keep browsing within site … it could be a refresh, or back button or a link …,
So as the quoted plan suggests , it is needed some server-side control; and i like the plan as it makes me thing considering timestamps in other sense, as i cant substract constant in the SQL query, so i store them as the future session expiration time, and then make scripts running checklogin to renew the expiration time (current_time + timeout_threshold), except the script ran by ajax action triggered at onbeforeunload, therefore i just need a variable to pass to checklogin function to know what kind of session extension is applied …; and the answer to the matter of no autosession expiration at PHP : use a cronjob and run oftenly, checking if current_time > expiration_timestamp for each active session ( as much as not over loading server )