Hi guys,

I've built a basic MVC framework for my app
it works as follows

the app is accessible using only one file which is index.php

then it generates the pages required in the backend and then store it in a variable and then echos it out.

so if i want to display the members page the person enters the username and password and this data is posted and checked against a database and if the details match then it generates a members page and stores it inside a variable and then echo statement echos the page out. if the username and pass doesnt match then error page is generated and stored in a variable and then echoed.

so here is the problem. if someone logs out then home page is then regenerated and session killed and all that. but i have a problem when someone clicks back button. because when the back button is pressed the posted form data is reposted. meaning the username and password so it relogs the user in.

How can I get around it?

sorry for the long explaination.

Member Avatar

Are you sending the form to itself or to a formhandler file?
Sending the data to a formhandler which then uses header to go back tot he form page should prevent the repost.

Well what you could do is:

Put the logout script in a separate file. Then, when the user clicks "logout", he is sent to that file. The logout file redirects him to the homepage. So then, when the user clicks "back" when he is on the home page, he is simply redirected back to that home page :).

P.S.: You can redirect using a header(), e.g. header('location: index.php').

diafol & minitauros,

thanks for your reply.

diafol, when someone clicks logout it sends post data saying logout to index file and then its caught and the appropriate model will do the job. Im not using any header function to redirect as my system generated the pages that needs to be displayed...

minitauros, what happens if the user presses back button few times which then goes back up to the page where the user entered the login details?

Member Avatar

minitauros and I are saying the same thing.
You're routing everything through index.php, so any all the action happens there. Sending to logout.php and header() to index.php should solve it.