Button to return the code line after logging out

Question

Button to return the code line after logging out

I am trying to stop / disable the functionality of the browser back button when a user exits my CodeIgniter (PHP) application. But, I think the browser caches the page so that it becomes visible, despite the fact that the session was destroyed at the exit from the system.

I know that the session is dead because when the user tries to do something (click any link, etc.), they exit the methods in my controller.

It is not ideal for the back button to work this way, since the previous page contains confidential information.

Do not tell me how to solve this problem, maybe redirect the page between them (but then the user can quickly click the "Back" button), help!

Thank.

+5

html php caching codeigniter session

Adam waite May 02, '12 at 17:44

source share

6 answers

I think it can help you, it works for me.

CodeIgniter Framework Version:

$this->output->set_header('Last-Modified:'.gmdate('D, d M Y H:i:s').'GMT');
$this->output->set_header('Cache-Control: no-store, no-cache, must-revalidate');
$this->output->set_header('Cache-Control: post-check=0, pre-check=0',false);
$this->output->set_header('Pragma: no-cache');

PHP version:

header('Last-Modified:'.gmdate('D, d M Y H:i:s').'GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0',false);
header('Pragma: no-cache');

if you use PHP OOP, enter the above code into your constructor on your pages.

+13

surfsamson Sep 7 '12 at 21:55

source share

:

, cookie if.
.
, .

cookie , .

if(isset($_COOKIE['ci_session'])){ 
  $user= $this->security->xss_clean($this->input->post('user'));
  $pass= $this->security->xss_clean($this->input->post('pass'));

  $result = $usrLog->loguearUsuario($user, $pass);

  if($result == TRUE){
     $data = $this->session->set_userdata('logged_in', $sessArray);
     $this->load->view('pages/admin', $data);
  }

}else{
   header('Location: login'); 
}

, ! !: -)

+1

Emily 12 . '15 13:51

, - " " , header ( " 3; url = home.php" );

0

user1370510 May 02 '12 at 18:10

source share

You can use javascript to close the window after logging out - thus removing any possibility of returning pages.

Many online banks do this to solve this problem.

0

Laurence May 03 '12 at 4:36

source share

I think the following should help you

1) Create a logout.php file and add the following code to it

<html>
 <head>
  <script src="http://code.jquery.com/jquery-1.10.1.min.js"></script>
<script type="text/javascript">
$( document ).ready(function() {
$( "#submit" ).trigger( "click" );
});
</script>
</head>

<body>
<form action="<?php echo base_url();?>login" method="post">
<input type="submit" id="submit" style="display: none;">
</form>
</body>
</html>

2) Change the logout function to load a file of the form above logout.php

0

Amit horakeri Nov 19 '13 at 6:15

source share

dwilkins · Accepted Answer · 2012-05-03T21:38:14+0000

Add this to prevent caching of the previous page:

header("cache-Control: no-store, no-cache, must-revalidate");
header("cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");

Button to return the code line after logging out

More articles: