Hi,
I am new to php.
I have created a log in page that works but if i return to the login page after logging in using the 'Back' button, i am able to use the 'Forward' button to bypass the login form.
This is not good. How do i remedy this problem?
Thanks.
Nick
login security
Moderator: General Moderators
- aceconcepts
- DevNet Resident
- Posts: 1424
- Joined: Mon Feb 06, 2006 11:26 am
- Location: London
that is tough if not impossible to do as the information is cached on the user's machine.
you can use header() to force the browser to reload the page every time it's hit, but that won't guarantee that it will be reloaded on EVERY user's machine when they hit back or forward.
another option would be to use JS to prevent the user from using the back button (which only works if they have js enabled).
you can use header() to force the browser to reload the page every time it's hit, but that won't guarantee that it will be reloaded on EVERY user's machine when they hit back or forward.
another option would be to use JS to prevent the user from using the back button (which only works if they have js enabled).
-
sherrycrawley
- Forum Newbie
- Posts: 3
- Joined: Mon Nov 13, 2006 9:10 am
How to stop back button?
I have need to stop the back button in a prior life.Burrito wrote:that is tough if not impossible to do as the information is cached on the user's machine.
you can use header() to force the browser to reload the page every time it's hit, but that won't guarantee that it will be reloaded on EVERY user's machine when they hit back or forward.
another option would be to use JS to prevent the user from using the back button (which only works if they have js enabled).
When I asked about it, people would just say: "Well, use JavaScript to stop it".
However, I have never seen an example that does this. Everyone says you can do it, but can't show me how.
So, how can you prevent the back button? (assuming you have not turned off the tool bar in the window)?
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
Re: How to stop back button?
Don't do it.... but:sherrycrawley wrote:I have need to stop the back button in a prior life.Burrito wrote:that is tough if not impossible to do as the information is cached on the user's machine.
you can use header() to force the browser to reload the page every time it's hit, but that won't guarantee that it will be reloaded on EVERY user's machine when they hit back or forward.
another option would be to use JS to prevent the user from using the back button (which only works if they have js enabled).
When I asked about it, people would just say: "Well, use JavaScript to stop it".
However, I have never seen an example that does this. Everyone says you can do it, but can't show me how.
So, how can you prevent the back button? (assuming you have not turned off the tool bar in the window)?
Code: Select all
try {
history.go(-1);
} catch (e) {}- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
Handle it with server-side code using header(). The only way to ensure you are getting the functionality you want without relying on the users that have a specific technology enabled is handle it before the user has a chance to see it.