On Thursday 02 January 2003 01:56, David Tandberg-Johansen wrote: > [CUT] > > I am using SESSION on al my secure projects > I use a file structur as this: > (loginform) -> logincheck.php (if not ok->back2login | if ok (start an > session)(forward to the secure pages)) > > When the user logs out: > (securepages)->logout.php: > <?PHP > //go through all the session array an unregister the varname > foreach($_SESSION as $key=>$val){ > session_unregister("$key"); > } > // We destroys the session > session_destroy(); > > //if there are an cookie vith the session name we have to unset it > //so the browser doesn't hvae the information > if(isset($_COOKIE[session_name()])){ > // To delete the old cookie > unset($_COOKIE[session_name()]); > } > //we starts an new session > session_start(); > //and we destroys it again > session_destroy(); > //Now there are an new session cookie in the browser, > //and if the user try go back there are no data stored in the session > > //we forward the user to an unsecure public page > header("Location: ./unsecurepublicpage.php"); > ?>
If you use Opera to access your application, does the BACK button allow you to see previously viewed 'secure' pages after being logged out? -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * /* the AA battery in the wallclock sends magnetic interference */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php