Dear Friends,
I am having a problem with back button in the PHP project. I have logged out (destroyed the sessions) after that when I click on Back button in browser, it's going to the previous page.But It suppose to don't go to the page.Because I have given session validation there.I am using IE5.0..
Any one pls send a reply to solve my problem..
thanks,
Francis
Back button - working after Logout
Moderator: General Moderators
-
francisrobinson
- Forum Newbie
- Posts: 1
- Joined: Thu Jun 09, 2005 6:32 am
Ya, you're just viewing a cached page. However, that's likely still going to be a problem for you as that cached page might contain sensitive information.
In my experience, sending these 3 headers stops all caching:
In my experience, sending these 3 headers stops all caching:
Code: Select all
header("Cache-control: no-cache");
header("Pragma: no-cache");
header("Expires: 0");Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
sending those headers should definitely help.
another thing I do as a failsafe (only works if they have js enabled) is add a history.forward() so they simply "can't" go back.
ie:
another thing I do as a failsafe (only works if they have js enabled) is add a history.forward() so they simply "can't" go back.
ie:
Code: Select all
<? if(isset($logout)){
unset($_SESSION['var']);
//continue unsetting the session vars...
?>
<script>
window.history.forward(1);
location = "login.php";
</script>
<?} // end if for need to log out ?>For cache :
For logging out - destroy all session traces - including those stored in cookies if any.
Code: Select all
header('Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0');Code: Select all
session_start();
session_unset();
$_SESSION = array();
session_destroy();
setcookie(session_name(),"",0,"/"); // Destrying Session info from user's PC