Adil Drissi wrote:
> Hi everybody,
>
> I need help with sessions.
> I have a simple authentification relying only on
> sessions (i don't use cookies). After the user submits
> his username and password, the script checks if that
> corresponds to a record in a mysql table. If this is
> the case "$_SESSION['sessioname'] = $_POST['login'];".
> the $_SESSION['sessioname'] is checked in subsequent
> pages to see if the user is connected or not.
> The problem is after the user logs out, and after that
> uses the previous button of the browser he becomes
> connected. How can i prevent this please.
>
> Here is my logout.php:
>
> <?php
> session_start();
> unset($_SESSION["sessioname"]);
> session_destroy();
> header("location: index.php");
> ?>
>
> Thank you for advance
>
>
> ____________________________________________________________________________________
> Looking for last minute shopping deals?
> Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping
I don't think they are "reconnected". What happens if they logout, then
hit back, then hit refresh? Are they loggedin? Probably not. It may
just appear that way because the back bottom brings up a cache of the
previous page. But once the user tries to do anything that requires
that they be loggedin, I doubt they can.
-Shawn
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
