hi all ,
i am new to php. i am developing admin site where users may log in by loginid and password. i am managing this by session but when the user log out from admin site if the browser back button is pressed. it again goes to the admin page. how ever if i close the browser and try again it works fine
login issue
Moderator: General Moderators
Re: login issue
I think you are not destroying the session correctly
And also you should check is the session variable is set at the top of each page which requires login.
Code: Select all
session_destroy();
Code: Select all
session_start(); // start the session
if( !isset($_SESSION['user'])) // check the session variable is set
// redirect to the login page
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: login issue
The web browser probably cached the admin page. So, when you pressed the back button, it did not even request your page, it fetched it from the RAM.
-
anilnakkani
- Forum Newbie
- Posts: 5
- Joined: Wed Jul 21, 2010 2:16 am
- Location: Hyderabad
Re: login issue
Hi,
After Logout.You need to check whether user session expired or not. if not expired need to move to that file to index,otherwise browser back button problem will come...
Thanks
Anil.N
Thought Radius - Experts for Partners
After Logout.You need to check whether user session expired or not. if not expired need to move to that file to index,otherwise browser back button problem will come...
Thanks
Anil.N
Thought Radius - Experts for Partners
Re: login issue
Additionally, when setting cookies on a page that redirects (like after a login/logout), the cookie must be set after the header()'s, else the cookie change may not stick.
example:
example:
Code: Select all
<?php
header('Location: http://www.example.com/');
setcookie ("TestCookie", "", time() - 3600, "/", "example.com", 1);
?>-
vishal5085
- Forum Newbie
- Posts: 3
- Joined: Thu Aug 05, 2010 11:58 pm
Re: login issue
The seesion is not destroyed.
so use this code
if(isset($submit))
{
session_destroy();
}
session_destroy() fonction will destroy ur session.
it worked for my website. so i think for ur website also it worked.
so use this code
if(isset($submit))
{
session_destroy();
}
session_destroy() fonction will destroy ur session.
it worked for my website. so i think for ur website also it worked.