After user logs out, user should not view any other pages in that website... After user logs out, If user clicks back/forward tab in the toolbar, page should not be displayed.. i.e page should be expired.. How to solve ? How to delete cookies and session ? help me friends..
7  1279 
It is actually the web browser which stores pages to go backward and forward, so you cannot simply put in some PHP code to make it 100% inaccessable. One way to reduce the number of people going backward and forward is to include some client side code (eg. AJAX) which will check if the user is logged in before it displays the page.
Because PHP is server side the user would have to refresh the page for any PHP to be taken into account.
If this doesn't make sense, look up the difference between server side and client side, and then make a not that browsers are client side and going backward and forward is browser based functions.
@TheServant
that is usually the job of your session. once the session is destroyed, backward and forward calls should be handled accordingly (well, that's what sessions are for), unless the browser reads all data from its cache.
@Dormilich
Yeah, and most browsers will allow that to work like that. However, for example Opera, which I used for this reason, caches all it's pages which made going backward and forward very quick, but it also meant if a session was destroyed, it did not register until the page was refreshed.
so unless the actions, that may be triggered by that page, don't do session checks, I see no problem there.
alternatively, you can set Expires headers, which force the browser not to cache these pages.
This is a problem that people often look too far into; sure, the user is able to browse through pages in the browser's history, but as soon as that user attempts to do anything, i.e. click links, then the browser will be fetching new pages, not cached pages. Ergo, your user, assuming you're checking the sessions, will be locked out.
True. But there are some cases where you would not like them to look back, for example a test/exam which you need to recall a previous answer? Anyway, yeah if you can expire the page that would probably be the best.
Surely if the user has logged out that gives you the point at which you can clear the session? Make it part of the log out process. Then as long as the page checks the session info the problem is solved.
Granted if the browser caches the history there may not be a refresh of the page but perhaps the problem is being overstated as Markus said.
nathj
Sign in to post your reply or Sign up for a free account.
Similar topics
by: Sean Pinto |
last post by:
Ok, you all are going to have to bear with me on this one as it is
kinda complicated to explain. I am implementing a company management
suite that requires Role-Based authentiations (ie. users are...
|
by: news.onet.pl |
last post by:
Hello
I'm biting into the following problem: HTTP is stateless protocol
and thus net languages' designer had to find out session. As
far as I know session handling in any of the language (PHP,...
|
by: Richard P |
last post by:
I am experiencing some browser weirdness.
My app uses session state to hide values I prefer to keep out of the
querystring. I am testing to see what happens when cookies are fully
disabled in IE...
|
by: Marcus |
last post by:
Hello,
Currently all of my php pages use SSL, not just my initial login.
Originally I thought this would be more secure, but after thinking about
things and looking at sites like Amazon and...
|
by: TaeHo Yoo |
last post by:
Hi all,
I am prett new in asp.net.
We have a project which has classic asp and asp.net scripts. Obviously
this project has a bin directory under the root directory. About 80% of
this project...
|
by: Oscar Thornell |
last post by:
Hi,
I have an ASP.NET page that generates an Exception...
The Exception is not caught in the executing method...so it propagates
to..the Page_Error event handling method..
In that method the...
|
by: John Allberg |
last post by:
Hi!
We have a problem which is correlated to web farms and session handling and
are thinking of what solution to choose.
Our setup is with a web farm, one ldap server and a database cluster.
...
|
by: BillE |
last post by:
When a user opens a new IE browser window using File-New-Window the
integrity of an application which relies on session state is COMPLETELY
undermined. Anyone who overlooks the fact that...
|
by: viz |
last post by:
hi,
i have written a class for session handling, and i want to use it to
keep track of the user.
After authenticating the user in login page i am storing the session
info like uname etc.. in a...
|
by: Josh |
last post by:
I run a Joomla website and am familiar with php in some but not all
aspects. Currently I am trying to find some solutions related to
session handling.
Am I correct in saying that "login" is kept...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |
