From eaa71ba1c19538af5416dceec288aa37cad2b7e6 Mon Sep 17 00:00:00 2001
From: Derek Jones <derek.jones@ellislab.com>
Date: Thu, 2 Sep 2010 10:32:07 -0500
Subject: Added a new config item to the Session class (sess_expire_on_close)
 to allow sessions to auto-expire when the browser window is closed.

---
 system/libraries/Session.php       | 7 +++++--
 user_guide/changelog.html          | 1 +
 user_guide/libraries/sessions.html | 6 ++++++
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/system/libraries/Session.php b/system/libraries/Session.php
index f413c0d1b..fc3ee0542 100644
--- a/system/libraries/Session.php
+++ b/system/libraries/Session.php
@@ -30,6 +30,7 @@ class CI_Session {
 	var $sess_use_database			= FALSE;
 	var $sess_table_name			= '';
 	var $sess_expiration			= 7200;
+	var $sess_expire_on_close		= FALSE;
 	var $sess_match_ip				= FALSE;
 	var $sess_match_useragent		= TRUE;
 	var $sess_cookie_name			= 'ci_session';
@@ -655,12 +656,14 @@ class CI_Session {
 			// if encryption is not used, we provide an md5 hash to prevent userside tampering
 			$cookie_data = $cookie_data.md5($cookie_data.$this->encryption_key);
 		}
-
+		
+		$expire = ($this->sess_expire_on_close === TRUE) ? 0 : $this->sess_expiration + time();
+		
 		// Set the cookie
 		setcookie(
 					$this->sess_cookie_name,
 					$cookie_data,
-					$this->sess_expiration + time(),
+					$expire,
 					$this->cookie_path,
 					$this->cookie_domain,
 					0
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 25633b631..5740f7397 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -100,6 +100,7 @@ Hg Tag: </p>
 			<li>Added a second parameter (boolean) to <kbd>$this->zip->read_dir('/path/to/directory', FALSE)</kbd> to remove the preceding trail of empty folders when creating a Zip archive. This example would contain a zip with "directory" and all of its contents.</li>
 			<li>Added ability in the Image Library to handle PNG transparency for resize operations when using the GD lib.</li>
 			<li>Modified the Session class to prevent use if no encryption key is set in the config file.</li>
+			<li>Added a new config item to the Session class <kbd>sess_expire_on_close</kbd> to allow sessions to auto-expire when the browser window is closed.</li>
 			<li>Improved performance of the Encryption library on servers where Mcrypt is available.</li>
 			<li>Changed the default encryption mode in the Encryption library to CBC.</li>
 			<li>Added an <kbd>encode_from_legacy()</kbd> method to provide a way to transition encrypted data from CodeIgniter 1.x to CodeIgniter 2.x.
diff --git a/user_guide/libraries/sessions.html b/user_guide/libraries/sessions.html
index 3bd170d60..2d295d72e 100644
--- a/user_guide/libraries/sessions.html
+++ b/user_guide/libraries/sessions.html
@@ -257,6 +257,12 @@ do not need to write your own routine to do it.</p>
 	<td class="td">None</td>
 	<td class="td">The number of seconds you would like the session to last. The default value is 2 hours (7200 seconds). If you would like a non-expiring session set the value to zero: 0</td>
 </tr>
+<tr>
+	<td class="td"><strong>sess_expire_on_close</strong></td>
+	<td class="td">FALSE</td>
+	<td class="td">TRUE/FALSE (boolean)</td>
+	<td class="td">Whether to cause the session to expire automatically when the browser window is closed.</td>
+</tr>
 <tr>
 	<td class="td"><strong>sess_encrypt_cookie</strong></td>
 	<td class="td">FALSE</td>
-- 
cgit v1.2.3-24-g4f1b