hmmn. i am having a problem with my logout system on my thesis website wherein when i try to logout, the previous page can still be viewed when the back button is pressed even though all sessions are already destroyed. i've tried to put the following code at the top of the page that i dont want users to be viewed on back button:
<?
Header("Cache-control: private, no-cache");
Header("Expires: Mon, 26 Jun 1997 05:00:00 GMT");
Header("Pragma: no-cache");
header ("Last-Modified: " . gmdate ("D, d M Y H:i:s") . " GMT");
?>
and on the <head>
<META http-equiv="expires" content="0">
*************************************
i found those codes which they say would clear the cache of the page. but still wont work.
this is the top of my memberspage.php:
<?session_start(); ?>
<?
// start session
// if username blank, include login form.
if (!$adminusername) {
include 'loginpage.php';
exit();
}
else
{
contents of my page
}
?>
code for my logout page:
<?
session_start();
session_unset();
session_destroy();
ob_end_clean();
header("Location: loginpage.php");
?>
when i try to login-->view memberspage-->refresh it--->logout-->then press back button--> it doesnt show the members page anymore but the login page. this is what i want to happen. is there any way to amend my codes like a redirect/refresh or something ?
thanks in advance