hi friends i had a serious issue for my project actualy as u

hi friends i had a serious issue for my project actualy as u all know
whenever we login a entry is added in the sessions tableof our database
and it re3amins there till we log off

but in case the user clicks the close icon nof the browser (eg, IE or
mozilla )then in that case the session entry reamins intact

my issue was to delete the entry in either case whether the browser is
closed or the user logs off

You can't do that. Http is a stateless protocol - there is no durable
connection between the browser and the server. You cannot tell the
difference between the browser being closed and reopened, or the
network connection dropping out for a while, or the user simply
waiting a long time between requests.

That's what a session timeout is for. Normally, you will set the
timeout to some value that makes sense to your business (shorter
timeouts for things like online banking, longer timeouts for less
critical things).

You need to educate your users to use the logout button if they do not
want to be exposed to security risks through session hijacking.

But, again, you cannot detect when a user closes the browser.

That said, you can set your session timeout to a very short value (say
3 minutes or so) and add some javascript to all your html pages that
issues a "keep-alive" request to the server every minute or two (via
XmlHttpRequest). This way, the session will stay alive as long as the
user has a) a working network connection and b) javascript enabled in
the browser. This is an ugly hack though, which I would not recommend.

Sounds to me like your requirements have been written by business
people without a working understanding of web technology. It's your
job to educate them :wink: