Here I got a problem that my session expired is not secure I think.. I use this code, but user can click button back and go to previous page. Means session not destroy.. May I know why its happen. Within 15 min it will be logout but user can go the previous page by click button back. No need to login..What I want here, that user must login again because system will destroyed within 15 min. Anybody can help me??
header("Expires: Sat, 01 Jan 2020 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
header( "refresh:900;url=index.php" );//auto logout(15minutes)