0

I am signin my lgoin page it will redirect to my home page. The probs is when i am pressing back button it will go to login page.
Again come on home page by press forward button.

Is there any method to stop all this things. means it should be go to login page when ever i am pressing forward or back button.

Edited by newbie1234

3
Contributors
8
Replies
9
Views
5 Years
Discussion Span
Last Post by broj1
0

You have a problem with the browsing history not the cache (the cache just speeds up loading of pages by saving what you visited).

My opinion is that it is not a good idea to change the behaviour of browser back and forward buttons since user expects clicking on them will bring them back / forward. But yes, it can be done. You can save a successful login in session and when successful login exists redirect user using header();

On login.php page:

session_start();

// if user has already logged in redirect them to home.php
if(isset($_SESSION['logged_in'] && $_SESSION['logged_in'] == 'success')) {

    header('location:home.php')
}

// do the usual login page stuff like a form, a username checking etc
// ...

// when user supplies correct username and password, 
// set the session variable and redirect to home.php
$_SESSION['logged_in'] = 'success';
header('location:home.php')
0

After login. If i press back and than forward button then it should go on login.php. But its comming on home.php

0

OK, I think I understand now. Forget about my previous post.

On your login page you first set the sesion value that signals unsuccessful login:

$_SESSION['logged_in'] == 'failure';

When user logs in successfuly you assign a success value to a session.

$_SESSION['logged_in'] == 'success';

On each page where user should be logged in check for the session login value and if not OK redirect to login page:

if(!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] != 'success') {

    header('location:login.php');
}

When user gets back to login page his session value becomes failure and if he clicks back or forward buutton to get to the authenticated page he will get redirected to the login page.

Edited by broj1

0

i am still getting same problem..... when i am press back button just after sign in. its going to login page. but if i am again press forward button then its going to forward page. i tried above sol. but its not helping me out....is there anothe solution.....

I read this prob. some where that... browser save the pages in cache and when we call back button its upload from cache only.....

Edited by newbie1234

0

Browser saves pages in cache and when you click back button it loads page from cache if it is there and has not been changed otherwise it requests it from the server again.

Regarding your problem: could you post the code for both login and home page.

0

my login.php

<?php

include ('database_connection.php');
if (isset($_POST['formsubmitted'])) {
  // Initialize a session:
session_start();
$error = array();//this aaray will store all error messages


if (empty($_POST['e-mail'])) {//if the email supplied is empty 
    $error[] = 'You forgot to enter  your Email ';
} else {


    if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['e-mail'])) {

        $Email = $_POST['e-mail'];
    } else {
         $error[] = 'Your EMail Address is invalid  ';
    }


}


if (empty($_POST['Password'])) {
    $error[] = 'Please Enter Your Password ';
} else {
    $Password = $_POST['Password'];
}


   if (empty($error))//if the array is empty , it means no error found
{ 



    $query_check_credentials = "SELECT * FROM members WHERE (Email='$Email' AND Password='$Password') AND Activation IS NULL";



    $result_check_credentials = mysqli_query($dbc, $query_check_credentials);
    if(!$result_check_credentials){//If the QUery Failed 
        echo 'Query Failed ';
    }

    if (@mysqli_num_rows($result_check_credentials) == 1)//if Query is successfull 
    { // A match was made.


 session_start();

        $_SESSION = mysqli_fetch_array($result_check_credentials, MYSQLI_ASSOC);//Assign the result of this query to SESSION Global Variable
   $last_login=date("y.m.d");
     mysqli_query($dbc,"UPDATE members SET `last_login` = '$last_login' WHERE Memberid='$_SESSION[Memberid]'") or die(mysql_error());           
    $_SESSION['msg_success']='No';           
        header("Location: jobs.php");


    }else
    { 

        $msg_error= 'Either Your Account is inactive or Email address /Password is Incorrect';
    }

}  else {



echo '<div class="errormsgbox"> <ol>';
    foreach ($error as $key => $values) {

        echo '  <li>'.$values.'</li>';



    }
    echo '</ol></div>';

}


if(isset($msg_error)){

    echo '<div class="warning">'.$msg_error.' </div>';
}
/// var_dump($error);
mysqli_close($dbc);

} // End of the main Submit conditional.

and my home.php

<?php
ob_start();

include ('database_connection.php');




page_protect();
$error = array();
/ /session_start();
if(!isset($_SESSION['Memberid'])){
header("Location: login.php");
} 
if(!isset($_GET['cate'])){
header("Location: jobs.php?cate=0");
}     else{ 
    $memberid=$_SESSION['Memberid'];
    $Cal_total=0;
    $ip=$_SERVER['REMOTE_ADDR'];
    $connection = mysqli_query($dbc,"SELECT `Balance`, `Job_success`, `Username`, `Email`, `Job_done` FROM `members` WHERE `Memberid`='$memberid'");
    if (!$connection) {
            $error[] = 'Sorry! Please try after some time or Contact Us.';
            //die('Invalid query: ' . mysql_error());
    }
       else{
    list($Balance, $Job_succ, $Username, $Email, $Job_done) = mysqli_fetch_row($connection);

 echo $Balance;
             ?>
0

On login page you need to check session. If it is set then you need to redirect user to home page as shown below.

if(!isset($_SESSION['Memberid'])){
header("Location: home.php");
} 

Also make sure session_start() should be in top of page.You can add session_start() in database_connection.php file.

0

As I said in my previous post if you do not want to get to the authenticated page by clicking back/forward buttons you have to unset or change session variable that is used for checking the valid login on the unauthenticated page and check for validity on all autheticated pages (and redirecting if not valid authentication). That has not been done in your scripts.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.