My site uses php session to control login and watnot. The login page is login.html, which then log in to home.php, which checks to make sure the user is vlaid and then starts the sessions. Now, if the user clicks on logout, he logs out by destroing the session variable.
The user clicks back and sees the warning: page has expired page. I know theres no way of preventing this since its a security mechanism. but the stupid thing is, if the uesr hits refresh, he logs in again! So a lazy user will logout and leave the browser open and then smoene else can click on back and reload and voila he'll be logged in~
Every page has detection to check if the user is logged in, ie a session is active, and if not a page prompting to login is displayed. Now, every other page will do this since every other page isnt the login page.
But yeah is there a godo way to get aroudn this easily? So tat if a user logs out and hits back to the login page, IE wont allow a simple reload to log in the user all over again?
Thanks!!
Warning: pagehasexpired lets users refresh to login
Moderator: General Moderators