I have a few $_SESSION variables that keep track of what page the user comes from. This way, I can make the error messages more specific and thus the web app more user friendly. When a user does not come from any page, there is supposed to be a “welcome” message at the top of the main page. However, when I close the browser and access the main page, I get the message corresponding to the page I linked from prior to closing the session. This is my function:

function come_from($from_page, $updates_occurred) { 
    $message = "";
    if ($updates_occurred == false) {
        $message .= "Welcome to the User List.<br/>";
        $message .= "Select the user you wish to update, or add a new user. ";
    } elseif ($from_page == "edit_user.php") {
        $message .= "The user was successfully updated";
    } else { 
        $message .= "The user was successfully added";
    }
return $message; 
}

At the top of the main page, I have the following code:

if (isset($_SESSION['updates_occurred'])) {
    $updates_occurred = $_SESSION['updates_occurred'];
} else {
    $updates_occurred = false;
}

if (isset($_SESSION['come_from'])) {
    $come_from = $_SESSION['come_from'];
} else {
    $come_from = NULL;
    echo "got here";
}


echo come_from($come_from, $updates_occurred); 

*updates_occurred just keeps track of whether a user was successfully edited/added on the previous page.

I guess my main concern is: is there a problem with the way I am using the session variables? If my understanding is correct, session variables are supposed to expire when the browser is closed, right?