Added a new config item to the Session class (sess_expire_on_close) to allow sessions to auto-expire when the browser window is closed.
diff --git a/system/libraries/Session.php b/system/libraries/Session.php
index f413c0d..fc3ee05 100644
--- a/system/libraries/Session.php
+++ b/system/libraries/Session.php
@@ -30,6 +30,7 @@
var $sess_use_database = FALSE;
var $sess_table_name = '';
var $sess_expiration = 7200;
+ var $sess_expire_on_close = FALSE;
var $sess_match_ip = FALSE;
var $sess_match_useragent = TRUE;
var $sess_cookie_name = 'ci_session';
@@ -655,12 +656,14 @@
// if encryption is not used, we provide an md5 hash to prevent userside tampering
$cookie_data = $cookie_data.md5($cookie_data.$this->encryption_key);
}
-
+
+ $expire = ($this->sess_expire_on_close === TRUE) ? 0 : $this->sess_expiration + time();
+
// Set the cookie
setcookie(
$this->sess_cookie_name,
$cookie_data,
- $this->sess_expiration + time(),
+ $expire,
$this->cookie_path,
$this->cookie_domain,
0
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 25633b6..5740f73 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -100,6 +100,7 @@
<li>Added a second parameter (boolean) to <kbd>$this->zip->read_dir('/path/to/directory', FALSE)</kbd> to remove the preceding trail of empty folders when creating a Zip archive. This example would contain a zip with "directory" and all of its contents.</li>
<li>Added ability in the Image Library to handle PNG transparency for resize operations when using the GD lib.</li>
<li>Modified the Session class to prevent use if no encryption key is set in the config file.</li>
+ <li>Added a new config item to the Session class <kbd>sess_expire_on_close</kbd> to allow sessions to auto-expire when the browser window is closed.</li>
<li>Improved performance of the Encryption library on servers where Mcrypt is available.</li>
<li>Changed the default encryption mode in the Encryption library to CBC.</li>
<li>Added an <kbd>encode_from_legacy()</kbd> method to provide a way to transition encrypted data from CodeIgniter 1.x to CodeIgniter 2.x.
diff --git a/user_guide/libraries/sessions.html b/user_guide/libraries/sessions.html
index 3bd170d..2d295d7 100644
--- a/user_guide/libraries/sessions.html
+++ b/user_guide/libraries/sessions.html
@@ -258,6 +258,12 @@
<td class="td">The number of seconds you would like the session to last. The default value is 2 hours (7200 seconds). If you would like a non-expiring session set the value to zero: 0</td>
</tr>
<tr>
+ <td class="td"><strong>sess_expire_on_close</strong></td>
+ <td class="td">FALSE</td>
+ <td class="td">TRUE/FALSE (boolean)</td>
+ <td class="td">Whether to cause the session to expire automatically when the browser window is closed.</td>
+</tr>
+<tr>
<td class="td"><strong>sess_encrypt_cookie</strong></td>
<td class="td">FALSE</td>
<td class="td">TRUE/FALSE (boolean)</td>