How to delete session cookie on browser close

How to delete session cookie on browser close, or optionally detect and force "new开发者_高级运维" session for a returning user. I want to prevent storing session cookies by "session managers" like addons in firefox and such.

I guess you could use this :

session_set_cookie_params(0);
session_start();

Destroy PHP Session on closing

Session manager are designed to save session cookie : I don't think you can prevent their behavior.

However, you can set your php configuration to have a non-used session garbage collected really fast : Then the session, after a few amount of time (basically, 1 hour), will be invalidate. See the session.gc_maxlifetime parameter.

fortunately a website can't force anything to happen on the clients machine. if you don't want to rely on the browsers cookie-management and those addons, one way would be to not use cookies for sessions and use the good old session-id get parameter instread (or, alternatively, set the session-lifetime to something like 1 or 2 hours, but this isn't exactly what you wanted)

I don't think you'll be successful on this route.

If you need to log out the user so quickly, consider using a very short session lifetime (like, one minute) and keeping the session alive using a JavaScript setInterval or an iframe that refreshes itself every thirty seconds.