Prevent returning back after logout
#11

[eluser]WanWizard[/eluser]
You cannot rely on browser headers. Browsers can choose to ignore them. The user can use a proxy that ignores the headers, etc.

Can you explain why this is an issue?

The user has already seen this page, so there is nothing on there that is a secret. And any action that can be called from that page should be blocked by your authorisation system since the user no longer has a valid session.
#12

[eluser]elevend[/eluser]
@jbtx:
this is my code
Home Controller:
Code:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
// Direct-access guard: when BASEPATH is not defined the script exits here, before the controller class is declared.
// BASEPATH is presumably defined by the framework's front controller, so only requests routed through it get further.

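/**
 * Landing page for signed-in users.
 *
 * Every response built by this controller is flagged as non-cacheable from the
 * constructor. Those headers only ask the browser not to re-show a page after
 * logout (browsers and proxies may ignore them); the session check in index()
 * is what actually denies access once the session is gone.
 */
class Home extends CI_Controller {

    /**
     * Load the shared model and queue the no-cache headers for this request.
     */
    public function __construct() {
        parent::__construct();
        $this->load->model('All_model');
        $this->no_cache();
    }

    /**
     * Render the home page for a signed-in user; anyone else is sent to Login.
     */
    public function index(){
        $sess = $this->session->userdata('data_login');

        // Server-side gate: no login data in the session means no page.
        if ( ! $sess) {
            redirect(base_url() . 'Login');
            // redirect() normally ends the request; the return keeps the page
            // from being rendered if it ever does not.
            return;
        }

        $data = array(
            'username' => $sess['userName'],
            'role'     => '',
            'date'     => mdate('%l, %j %F %Y', time()),
        );

        // No early return of $data here: the view is only produced by the
        // build() call below, so returning first would leave the page blank.
        $this->template
            ->title('Rockliffe Indonesia')
            ->set_partial('header', 'header')
            ->set_partial('menu', 'menubar')
            ->set_partial('left', 'menuspecial')
            ->set_partial('right', 'advertising')
            ->set_partial('include', 'include/include_file')
            ->set_layout('default')
            ->build('content/index', $data);
    }

    /**
     * Queue response headers asking browsers and caches not to store the page.
     *
     * Last-Modified is set to the current time and Expires to a date in the
     * past; Cache-Control carries no-store/no-cache/must-revalidate, and
     * Pragma repeats no-cache. These are requests to the client, not an access
     * control.
     */
    private function no_cache(){
        // NOTE(review): headers queued with set_header() are presumably sent
        // with the rendered output only, so redirect() responses may not carry
        // them - verify if the redirect itself must not be cached.
        $this->output->set_header('Last-Modified: ' . gmdate("D, d M Y H:i:s") . ' GMT');
        $this->output->set_header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
        $this->output->set_header('Pragma: no-cache');
        $this->output->set_header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
    }
}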

Login Controller:
Code:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
// Direct-access guard: when BASEPATH is not defined the script exits here, before the controller class is declared.
// BASEPATH is presumably defined by the framework's front controller, so only requests routed through it get further.
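/**
 * Login form, credential check and logout.
 *
 * Responses built by this controller are flagged as non-cacheable from the
 * constructor. That is only a request to the browser; what ends access after
 * logout is the destruction of the server-side session in doLogout().
 */
class Login extends CI_Controller{

    /**
     * Load the shared model and queue the no-cache headers for this request.
     */
    public function __construct() {
        parent::__construct();
        $this->load->model('All_model');
        $this->no_cache();
    }

    /**
     * Show the login form, or send an already signed-in user to Home.
     */
    public function index(){
        if ($this->session->userdata('data_login')) {
            redirect(base_url() . 'Home');
            return;
        }

        $data = array('page' => 'index');

        $this->template
            ->title('Rockliffe Indonesia')
            ->set_partial('header', 'header')
            ->set_partial('menu', 'menubar')
            ->set_partial('left', 'login')
            ->set_partial('right', 'advertising')
            ->set_partial('include', 'include/include_file')
            ->set_layout('default')
            ->build('content/index', $data);
    }

    /**
     * Destroy the session and return to the login page.
     */
    public function doLogout(){
        // NOTE(review): nothing here restricts the HTTP method or checks a
        // token, so any request to this action ends the session - confirm that
        // is acceptable for this application.
        $this->session->sess_destroy();
        redirect(base_url() . 'Login');
    }

    /**
     * Validate the posted credentials and start a logged-in session.
     *
     * Reads txtUsername and txtPassword from the POST body. On success the row
     * returned by proc_login is stored in the session as 'data_login' and the
     * user is redirected to Home; otherwise a flash error is set and the user
     * is redirected to the base URL.
     */
    public function doLogin(){
        $username = $this->input->post('txtUsername');
        $password = $this->input->post('txtPassword');

        // The request body is untrusted: a field may be absent or arrive as an
        // array (txtUsername[]=...). Treat anything that is not a string as
        // empty, so it is rejected here instead of reaching the query.
        if ( ! is_string($username)) {
            $username = '';
        }
        if ( ! is_string($password)) {
            $password = '';
        }

        if ($username === '') {
            $this->session->set_flashdata('err', 'Username Must Fill');
            redirect(base_url());
            return;
        }

        if ($password === '') {
            $this->session->set_flashdata('err', 'Password Must Fill');
            redirect(base_url());
            return;
        }

        $data = array(
            'Username' => $username,
            'Password' => $password,
        );

        // Credentials travel as values for the two placeholders and are never
        // concatenated into the SQL text; presumably query_data() binds them -
        // confirm in All_model.
        // NOTE(review): the password is handed to proc_login as submitted.
        // How the procedure compares it is not visible here - confirm it
        // checks a salted, slow hash rather than a stored plaintext value.
        $query = "CALL proc_login(?,?)";

        $result = $this->All_model->query_data($query, $data, true);

        if ($result) {
            // NOTE(review): the session identifier is not renewed when the
            // session becomes authenticated; renewing it at this point limits
            // session fixation - check what the session library in use offers.
            $this->session->set_userdata('data_login', $result);
            redirect(base_url() . 'Home');
            return;
        }

        // One message for both failure causes, so the response does not reveal
        // whether the username exists.
        $this->session->set_flashdata('err', 'Username or Password Invalid');
        redirect(base_url());
    }

    /**
     * Queue response headers asking browsers and caches not to store the page.
     *
     * Last-Modified is set to the current time and Expires to a date in the
     * past; Cache-Control carries no-store/no-cache/must-revalidate, and
     * Pragma repeats no-cache. These are requests to the client, not an access
     * control.
     */
    private function no_cache(){
        $this->output->set_header('Last-Modified: ' . gmdate("D, d M Y H:i:s") . ' GMT');
        $this->output->set_header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
        $this->output->set_header('Pragma: no-cache');
        $this->output->set_header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
    }
}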
?>
#13

[eluser]elevend[/eluser]
@WanWizard: this becomes an issue, because we can see the data previously entered by the user.
#14

[eluser]WanWizard[/eluser]
[quote author="elevend" date="1332154248"]@WanWizard: this is become issue, we can see previous data from user input..[/quote]
Which the user has already seen (because it was his/her input)? What's the secret here?



