Welcome Guest, Not a member yet? Register   Sign In
how to delete session histroy??
#1

[eluser]Unknown[/eluser]
Hi guys,


I'm coding a simple login system it working good except in one thing, which is user profile could be accessed after logging out by clicking back button of the browser.

I've made sure that the session destroyed, but I couldn't solve it. So, how to erase the logged history by the browser.


Any help appreciated.

Thanks guys
#2

[eluser]Prophet[/eluser]
You can unset the userdata to be sure that everything is deleted:
Code:
$this->session->unset_userdata('userdata_name');

Usually $this->session->sess_destroy(); is enough to do it though.
#3

[eluser]arthurhanlon[/eluser]
The same thing happens to me too.

When my user logs out and hits the back button they are put back into the admin section of my application. The only way that you can know if you are logged out is to try to visit another page within the admin section or press F5 THEN it'll tell you you are not logged in.

Have I missed a setting somewhere like caching that would allow this type of functionality?

Cheers,
Arthur
#4

[eluser]WanWizard[/eluser]
The only way to prevent a back button to stop working is to tell the browser not to cache the page in the http header. And even that is not fool proof.

I shouldn't focus to much on that. If your application is properly written, any action the user performs on that admin page after using the back button should detect that the user is no longer logged in, and should take appropriate action.




Theme © iAndrew 2016 - Forum software by © MyBB