We're a community of 1076K IT Pros here for help, advice, solutions, professional growth and fun. Join us!
1,075,991 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Start New Discussion Reply to this Discussion
Ad: BlackBerry® Z10
1 Year Ago
0

Destroy Session

Hi guys,

Here I got a problem that my session expired is not secure I think..
I use this code, but user can click button back and go to previous page. Means session not destroy..
May I know why its happen. Within 15 min it will be logout but user can go the previous page by click button back. No
need to login..What I want here, that user must login again because system will destroyed within 15 min.
Anybody can help me??

<?php
header("Expires: Sat, 01 Jan 2020 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter("must-revalidate");

if(!isset($_SESSION['username']))
{

        session_destroy();
        unset($_SESSION['username']);
        header('Location: index.php');
        exit;

}
else
header( "refresh:900;url=index.php" );//auto logout(15minutes)

?>
4
Contributors
4
Replies
2 Days
Discussion Span
1 Year Ago
Last Updated
5
Views
HasNor
Junior Poster
101 posts since Jan 2012
Reputation Points: 10
Solved Threads: 0
Skill Endorsements: 0
1 Year Ago
0

Because clicking the back button will take the page from the browser's cache, without actually reloading the page.

pritaeas
Posting Prodigy
Moderator
9,287 posts since Jul 2006
Reputation Points: 1,173
Solved Threads: 1,458
Skill Endorsements: 86
1 Year Ago
0

I remember once using

session_start();
session_destroy();
session_start();

due to some problem or other. Don't know if this is useful?

diafol
Keep Smiling
Moderator
10,654 posts since Oct 2006
Reputation Points: 1,628
Solved Threads: 1,510
Skill Endorsements: 57
1 Year Ago
0

Hi,
When the back button is clicked, the browser check to load the page from cache.
Try add these meta tags in the Head zone of the HTML code, that tell the browser to not cache the page.

<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
CoursesWeb
Newbie Poster
13 posts since Mar 2012
Reputation Points: 0
Solved Threads: 0
Skill Endorsements: 0
1 Year Ago
0

Thanks guys..
hurm, t've tried that way but still reload the previous page..how can i do??
i'm blur.. :(

HasNor
Junior Poster
101 posts since Jan 2012
Reputation Points: 10
Solved Threads: 0
Skill Endorsements: 0

This article has been dead for over three months: Start a new discussion instead

Post: Markdown Syntax: Formatting Help
 
You
Web Development > PHP
View similar articles that have also been tagged:
 
© 2013 DaniWeb® LLC
Page rendered in 0.0886 seconds using 2.73MB