Session variable and browser back button

[manton]

Hello!

I have a page that only logged in users may have access to some records of a db.

The problem is that when a logged in user browse the pages and use the back button of the browser, the data of the previous page is lost.

It seems that session is lost.

 

Can you please help me?

This is my code:

 

<?php require_once('../Connections/palso.php'); ?>
<?php
//initialize the session
if (!isset($_SESSION)) {
  session_start();
}

// ** Logout the current user. **
$logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";
if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){
  $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){
  //to fully log out a visitor we need to clear the session varialbles
  $_SESSION['MM_Username'] = NULL;
  $_SESSION['MM_UserGroup'] = NULL;
  $_SESSION['PrevUrl'] = NULL;
  unset($_SESSION['MM_Username']);
  unset($_SESSION['MM_UserGroup']);
  unset($_SESSION['PrevUrl']);

  $logoutGoTo = "login.php";
  if ($logoutGoTo) {
    header("Location: $logoutGoTo");
    exit;
  }
}
?>
<?php
session_start();
$var = $_SESSION['MM_Username'];
require_once('../Connections/palso.php');


$colname_Recordset1 = "-1";
if (isset($_SESSION['MM_Username'])) {
  $colname_Recordset1 = (get_magic_quotes_gpc()) ? $_SESSION['MM_Username'] : addslashes($_SESSION['MM_Username']);
}
mysql_select_db($database_palso, $palso);
$query_Recordset1 = sprintf("SELECT * FROM `data` WHERE SchoolCode = '%s' ORDER BY `data`.`LevelDescription` ASC, `data`.`Surname` ASC", $colname_Recordset1);
$Recordset1 = mysql_query($query_Recordset1, $palso) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
session_start();
$_SESSION['ses_kod'] = $_POST['txtkod']; 

session_start();
$_SESSION = array(); 
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-7" />
<title>Ταξινόμηση υποψηφίων ανά επίπεδο</title>
<link href="styles.css" type="text/css" rel="stylesheet" />
<link rel="stylesheet" type="text/css" href="print.css" media="print" />
</head>

<body>
<div id="container">
<div id="list">
<h4>ΛΙΣΤΑ ΥΠΟΨΗΦΙΩΝ</h4>

<form id="form1" name="form1" method="get" action="tickets.php">
<input class="nav" type="submit" name="Submit" value="Εμφάνιση Δελτίων" />
<a class="nav"><a href="<?php echo $logoutAction ?>" class="nav">Αποσύνδεση</a>
<p></p>

<table width="800" border="1">
  <tr>
    <td width="50" class="fields"><a href="list.php">LevelDescription</a></td>
    <td width="100" class="fields"><a href="list_bin.php">BinSerialCode</a></td>
    <td width="320" class="fields"><a href="list_sur.php">Surname</a></td>
    <td width="150" class="fields">Name</td>
    <td width="130" class="fields">Fathername</td>
  </tr>
    <?php do { ?>
      <tr>
        <td class="calign"><?php echo $row_Recordset1['LevelDescription']; ?></td>
        <td class="calign"><a href="ticket.php?BinSerialCode=<?php echo $row_Recordset1['BinSerialCode']; ?>" class="binserial"><?php echo $row_Recordset1['BinSerialCode']; ?></a></td>
        <td><?php echo $row_Recordset1['Surname']; ?></td>
        <td><?php echo $row_Recordset1['Name']; ?></td>
        <td><?php echo $row_Recordset1['Fathername']; ?></td>
      </tr>
      <?php } while ($row_Recordset1 = mysql_fetch_assoc($Recordset1)); ?>
</table>
</form>
</div>
</div>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>