问题
I've protected page for 3 level user. level 1--> admin = datapegawai.phplevel 2--> owner
level 3--> employee. When I back it after logged out, this page (datapegawai.php) always back.<?php
session_start();
unset($_SESSION['user']);
session_destroy();echo"<meta http-equiv='refresh'content='0; url=login.php'>";?>
http://pastebin.com/AvF0PmCk
回答1:
@Ayuktia : You are destroying session. So when you pressing back. Browser is showing cached page. Do following things.
1) Pages which are behind the login, check if session exists. If not redirect it to login page.
2) Use headers that will tell browser not to cache pages which require authentication.
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past
3) Use header permanent redirection.
header("Location: login.php",TRUE,302);
die();
回答2:
don't use echo"<meta....
instead use
header("Location:MynewURL");
(and also after close ? > add a lot of
<!-- dummy -->
because IE doesn't recognize in a good way the header tag when it had less than some kb
来源:https://stackoverflow.com/questions/27429803/how-to-prevent-php-going-back-page-after-log-out