On Thursday 02 January 2003 01:56, David Tandberg-Johansen wrote:
> [CUT]
>
> I am using SESSION on al my secure projects
> I use a file structur as this:
> (loginform) -> logincheck.php (if not ok->back2login | if ok (start an
> session)(forward to the secure pages))
>
> When the user logs out:
> (securepages)->logout.php:
> <?PHP
> //go through all the session array an unregister the varname
> foreach($_SESSION as $key=>$val){
> session_unregister("$key");
> }
> // We destroys the session
> session_destroy();
>
> //if there are an cookie vith the session name we have to unset it
> //so the browser doesn't hvae the information
> if(isset($_COOKIE[session_name()])){
> // To delete the old cookie
> unset($_COOKIE[session_name()]);
> }
> //we starts an new session
> session_start();
> //and we destroys it again
> session_destroy();
> //Now there are an new session cookie in the browser,
> //and if the user try go back there are no data stored in the session
>
> //we forward the user to an unsecure public page
> header("Location: ./unsecurepublicpage.php");
> ?>
If you use Opera to access your application, does the BACK button allow you to
see previously viewed 'secure' pages after being logged out?
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
/*
the AA battery in the wallclock sends magnetic interference
*/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
