Expiry of page when using sessions
Moderator: General Moderators
Expiry of page when using sessions
Dear All,
I just today implemented the beginnings of a user authentication system into my new site, designed to handle multiple pages so that I can limit access to those pages available to those logged in only.
It all works fine, but when I use the 'back' button on my browser whilst navigating the pages I have limited to logged in users, internet explorer tells me that the web page has expired, and I cannot access the page, despite being logged in.
Is there any way I can avoid this problem, and stop web pages from 'expiring' and so not hindering navigation of the site?
Many thanks to you all,
Mark (mjseaden@hotmail.com)
I just today implemented the beginnings of a user authentication system into my new site, designed to handle multiple pages so that I can limit access to those pages available to those logged in only.
It all works fine, but when I use the 'back' button on my browser whilst navigating the pages I have limited to logged in users, internet explorer tells me that the web page has expired, and I cannot access the page, despite being logged in.
Is there any way I can avoid this problem, and stop web pages from 'expiring' and so not hindering navigation of the site?
Many thanks to you all,
Mark (mjseaden@hotmail.com)
Sorry I wasn't very clear. I have implemented user authentication using cookies - I get this expiration problem with any page using those wholesome authentication cookies.
I don't think the cookies would have expired so quickly unless I had explicitly asked them to do so, but this may be the problem. I do however think it is something else - any ideas?
Many thanks
Mark
I don't think the cookies would have expired so quickly unless I had explicitly asked them to do so, but this may be the problem. I do however think it is something else - any ideas?
Many thanks
Mark
-
malcolmboston
- DevNet Resident
- Posts: 1826
- Joined: Tue Nov 18, 2003 1:09 pm
- Location: Middlesbrough, UK
i will make it quite clear now,i dont use cookies, in actuality i hate cookies, sessions are much better however..........
have you tried
this guarantees ths cookie wont be destroyed
also you can check your cookies existance on the next page by using
have you tried
Code: Select all
setcookie("CookieName", $data, time()+7200); /* expire in 2 hoursalso you can check your cookies existance on the next page by using
Code: Select all
<?php print_r($_COOKIE); ?>Okay - now I'm a little confused. I've been using PHP's session_start() and $_SESSION variables to communicate across the secure pages that a user is/isn't properly logged in. That means that the session variables aren't stored in cookies?
In any case, it is sessions I am using, and it is the page that handles login from a form that expires when I hit the 'back' button.
Many thanks for your help.
In any case, it is sessions I am using, and it is the page that handles login from a form that expires when I hit the 'back' button.
Many thanks for your help.
Well in Internet Explorer if you ever fill out a form and go to a page that handles this form, then click away, and click back again, it will disallow this procedure and give you that error.mjseaden wrote:Yes
I recommend giving your users a page that confirms their login, and then from there they can click to the site navigation/main user area.
This way they won't ever need to go back to the page that handles the login.
Hope this helps.
Last edited by m3mn0n on Sat Mar 20, 2004 6:49 am, edited 1 time in total.
-
malcolmboston
- DevNet Resident
- Posts: 1826
- Joined: Tue Nov 18, 2003 1:09 pm
- Location: Middlesbrough, UK
- Bill H
- DevNet Resident
- Posts: 1136
- Joined: Sat Jun 01, 2002 10:16 am
- Location: San Diego CA
- Contact:
Put thus at the top of each page:
I put it just before session_start(), but some people put it right after that call.
Code: Select all
session_cache_limiter("private,must-revalidate");