Adil Drissi wrote:
> Well, i'm doing all that. Maybe something is wrong in
> my code. I'll arrange my code in a way that it will be
> easy to run and i'll post it. I think like that,
> you'll see by yourself and you gonna help to fix that
> for sure.
>
> Thank you
> --- Shawn McKenzie <nospam@xxxxxxxxxxxxx> wrote:
>
>> Adil Drissi wrote:
>>> Hi everybody,
>>>
>>> I need help with sessions.
>>> I have a simple authentification relying only on
>>> sessions (i don't use cookies). After the user
>> submits
>>> his username and password, the script checks if
>> that
>>> corresponds to a record in a mysql table. If this
>> is
>>> the case "$_SESSION['sessioname'] =
>> $_POST['login'];".
>>> the $_SESSION['sessioname'] is checked in
>> subsequent
>>> pages to see if the user is connected or not.
>>> The problem is after the user logs out, and after
>> that
>>> uses the previous button of the browser he becomes
>>> connected. How can i prevent this please.
>>>
>>> Here is my logout.php:
>>>
>>> <?php
>>> session_start();
>>> unset($_SESSION["sessioname"]);
>>> session_destroy();
>>> header("location: index.php");
>>> ?>
>>>
>>> Thank you for advance
>>>
>>>
>>>
> ____________________________________________________________________________________
>>> Looking for last minute shopping deals?
>>> Find them fast with Yahoo! Search.
> http://tools.search.yahoo.com/newsearch/category.php?category=shopping
>> I don't think they are "reconnected". What happens
>> if they logout, then
>> hit back, then hit refresh? Are they loggedin?
>> Probably not. It may
>> just appear that way because the back bottom brings
>> up a cache of the
>> previous page. But once the user tries to do
>> anything that requires
>> that they be loggedin, I doubt they can.
>>
>> -Shawn
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>
>
>
> ____________________________________________________________________________________
> Never miss a thing. Make Yahoo your home page.
> http://www.yahoo.com/r/hs
>From the code you've shown it should work fine, but you might do
unset($_SESSION); or $_SESSION = array(); instead of
unset($_SESSION["sessioname"]);. Regardless, the fact is that the page
you see is cached and I can't believe that after logout you can go back
and then click a link to another page and still be loggedin.
-Shawn
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
