pintee Posted May 9, 2013 Share Posted May 9, 2013 I have a character creation form where you enter the name of your character then press submit. It then brings up a success page. However, I don't want the user to be able to use their back button to return to the character creation page, so on the character creation page I redirect to the main menu page if it is detected that the referring page was the success page. However when it brings up the main menu page, the information it shows is out of date. You have to refresh the page for it to reflect the latest changes. It's almost as if the redirect is bringing up a cached version of the page....Any ideas why the latest changes aren't being shown on redirect? createcharacter.php <?php // First we execute our common code to connection to the database and start the session define('MyConst', TRUE); include('database.class.php'); include('table.class.php'); include('user.class.php'); include('loginattempts.class.php'); include('timer.class.php'); include('functions.php'); include('loginf.php'); include('character.class.php'); include('playercharacter.class.php'); $dbo = database::getInstance(); $dbo -> connect("***********", "********", "*********", "********", array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8')); secSessionStart(); // At the top of the page we check to see whether the user is logged in or not if(empty($_SESSION['user'])) { // If they are not, we redirect them to the login page. header("Location: login.php"); // Remember that this die statement is absolutely critical. Without it, // people can view your members-only content without logging in. die("Redirecting to login.php"); } // Everything below this point in the file is secured by the login system if($_SERVER['HTTP_REFERER'] == "success.php") { // If they are not, we redirect them to the login page. header("Location: mainmenu.php"); // Remember that this die statement is absolutely critical. Without it, // people can view your members-only content without logging in. die("Redirecting to mainmenu.php"); } if(!empty($_POST)) { $character = new character(); $data = array("character_name" => $_POST['charactername'], "health" => 0, "money" => 1500, "exp" => 0, "rank" => 0, "points" => 0); $character -> bind($data); $character -> store(); $character_id = $dbo -> getConnection() -> lastInsertId(); $playercharacter = new playercharacter(); $data = array("character_id" => $character_id, "user_id" => $_SESSION['user']['user_id']); $playercharacter -> bind($data); $playercharacter -> store(); $query = "SELECT * FROM playercharacter WHERE character_id = :character_id"; try { $stmt = $dbo->getConnection()->prepare($query); $result = $stmt->execute(array(':character_id'=>$row['character_id'])); } catch(PDOException $ex) { die("Failed to run query4: " . $ex->getMessage()); } $row = $stmt->fetch(PDO::FETCH_ASSOC); $_SESSION['playercharacter'] = $row; // If they are not, we redirect them to the login page. header("Location: success.php"); // Remember that this die statement is absolutely critical. Without it, // people can view your members-only content without logging in. die("Redirecting to success.php"); } ?> <!DOCTYPE HTML> <head> <meta http-equiv="content-type" content="text/html" /> <meta name="author" content="lolkittens" /> <title>Untitled 5</title> </head> <body> <h1>Create Character</h1> <form action="createcharacter.php" method="post"> Enter name:<br /> <input type="text" name="charactername" value="" /> <br /><br /> <input type="submit" value="Create" /> </form> </body> success.php <?php // First we execute our common code to connection to the database and start the session define('MyConst', TRUE); include('database.class.php'); include('table.class.php'); include('user.class.php'); include('loginattempts.class.php'); include('timer.class.php'); include('functions.php'); include('loginf.php'); $dbo = database::getInstance(); $dbo -> connect("*************", "*********", "**********", "***********", array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8')); secSessionStart(); // At the top of the page we check to see whether the user is logged in or not if(empty($_SESSION['user'])) { // If they are not, we redirect them to the login page. header("Location: login.php"); // Remember that this die statement is absolutely critical. Without it, // people can view your members-only content without logging in. die("Redirecting to login.php"); } // Everything below this point in the file is secured by the login system // We can display the user's username to them by reading it from the session array. Remember that because // a username is user submitted content we must use htmlentities on it before displaying it to the user. ?> <!DOCTYPE html> <html> <head> <script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"> </script> </head> <body> <a href="mainmenu.php">Success!</a></a> </body> </html> mainmenu.php <?php // First we execute our common code to connection to the database and start the session define('MyConst', TRUE); include('database.class.php'); include('table.class.php'); include('user.class.php'); include('loginattempts.class.php'); include('timer.class.php'); include('functions.php'); include('loginf.php'); $dbo = database::getInstance(); $dbo -> connect("*********************", "******************", "***************", "*****************", array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8')); secSessionStart(); // At the top of the page we check to see whether the user is logged in or not if(empty($_SESSION['user'])) { // If they are not, we redirect them to the login page. header("Location: login.php"); // Remember that this die statement is absolutely critical. Without it, // people can view your members-only content without logging in. die("Redirecting to login.php"); } // Everything below this point in the file is secured by the login system // We can display the user's username to them by reading it from the session array. Remember that because // a username is user submitted content we must use htmlentities on it before displaying it to the user. ?> <?php $stmt = $dbo->getConnection()->prepare("SELECT count(character_name) FROM playercharacter JOIN `character` ON (playercharacter.character_id = `character`.character_id) WHERE user_id = :user_id"); $query_params = array(':user_id'=>$_SESSION['user'][user_id]); // Execute the prepared query. $result = $stmt->execute($query_params); $rows = $stmt->fetch(PDO::FETCH_NUM); echo $rows[0]; $createCharacters = 4 - $rows[0]; for($i = 0; $i < $createCharacters; $i++) { echo '<a href="createcharacter.php">Create Character</a><br />'; } for($i = 0; $i < $rows[0]; $i++) { echo '<a href="loadplayer.php?id='.$rows[0].'">Play</a> <br />'; // echo '<a href="loadplayer.php">Create Character</a><br />`; } ?> <!DOCTYPE html> <html> <head> <script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script> <script src="functions.js"></script> </head> <body> </body> </html> Any help would be greatly appreciated!! Quote Link to comment Share on other sites More sharing options...
davidannis Posted May 9, 2013 Share Posted May 9, 2013 http://stackoverflow.com/questions/49547/making-sure-a-web-page-is-not-cached-across-all-browsers You might find this useful. Quote Link to comment Share on other sites More sharing options...
davidannis Posted May 10, 2013 Share Posted May 10, 2013 Sorry I didn't have time for a more complete answer before, but when the browser gets the redirect to a URL it has already visited it loads the cached page. An http no-cache header will fix the problem in almost all browsers. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.