Page 1 of 1

Advanced header tags and usage

Posted: Fri Jun 06, 2003 8:48 am
by mikusan
header("Cache-Control: no-store, no-cache, must-revalidate");

Where do i put this, anywhere in the middle of the script it does nothing, do i use it upon redirection for instance somehow integrate it with Location:
if so how would it look like?
header("Location: http://site.com","Cache-Control: no-store, no-cache, must-revalidate");
or
header("Location: http://site.com,Cache-Control: no-store, no-cache, must-revalidate");

thanks... i am trying to disallow people from pressing the "Back" button on top of their browser...

Posted: Fri Jun 06, 2003 8:53 am
by Gleeb
Don't break their back button, they'll whine. Take it from them instead.

Posted: Fri Jun 06, 2003 9:19 am
by nielsene
I know it wasn't your question, but ...

Here's another vote against breaking the back button. I did it in my first application. Thought I had a great and wonderful reason for it, but it annoyed the users greatly and I'm still trying to undo some of that damage.

If you are worried about back button/reloads doing funny things in the database, the "right" thing to do is to develop some system often using a "nonce" to make sure that only the first page view of a given instance of page generates a "hit". A "nonce" means "not more than once".

One way of dealing with this (I'm not saying this is the best way, just an example):
Use your database auto increment/serial field to issue a unique id/nonce to each outgoing link within your site on each page view. On a page transition check if the nonce is marked as used in your database. If its used, simply display the page without re-entering the data. If its not used, do the regular database work and then mark the nonce used (within a transaction if your DB supports it).

Posted: Fri Jun 06, 2003 9:28 am
by mikusan
That was one of my worries...thanks