Vidya_tr Posted March 25, 2009 Share Posted March 25, 2009 Hi, In my application I want to control going back to the previous page after logging out. I have a problem when using session variables. I am using javascript on the client side and php on the server side. I tried using the the cache-control mechanism in html,but doesnt work for me. I tried using session variables in php with session_register() and session_destroy(); But still I am not able to go ahead. Anyone please help me with steps in using session variables. I am new to php. So it is a bit difficult for me.Please help Thanks.. Quote Link to comment Share on other sites More sharing options...
WolfRage Posted March 25, 2009 Share Posted March 25, 2009 Start a Session. <?php session_start(); ?> Have each page that users are not allowed to visit require a vaild Session. <?php if($_SESSION['vaild']!==TRUE) { //redirect them to a different page or display nothing what ever you would like. and of course. exit(); } // else Not needed /*You set the session as vaild and it has not been set as invalid as would happen on you logout code. Plus you should destroy the session, which would mean that variable would not be set and thus not TRUE.*/ ?> However as for the back, button even if you set no-cache browsers still store a lot of the data on the client side, but that does not mean they are able to do anything, the minute they try to fill in a form our take any other kind of action such as clicking a link that is protected by the session they will have to request information from the server and will be promptly denied as they do not have a vaild session. Quote Link to comment Share on other sites More sharing options...
Vidya_tr Posted March 26, 2009 Author Share Posted March 26, 2009 After logout, when I click the GO FORWARD button of the browser it goes to next page. I am able to perform some actions and update the database.But after that when I try to log out ,It shows a blank page . Going to the next page by clicking the GO FORWARD button, once I logout ,should not happen as I am not logging in with the username and password. Help me to prevent going to the next page by cliking browser button. Quote Link to comment Share on other sites More sharing options...
WolfRage Posted March 26, 2009 Share Posted March 26, 2009 Look, you need to validate the session prior to everything else! If you do not then yes, if you allow an update to the database prior to validation, then of course it will happen! Browser button or not, if you validate the session prior, no action will be taken. Quote Link to comment Share on other sites More sharing options...
waynew Posted March 26, 2009 Share Posted March 26, 2009 <?php session_start(); if(!$_SESSION['logged_in']){ header('Location: login.php'); //redirect them to login exit; } //update and insert code etc goes here AFTER session check ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.