i have a problem for logout code.... i dont want the "back" button can click or after user click logout, his can't back to the his account without login again... please help me... or any suggestion or web that teach how to do it.... please inform me... thanks.....
I'm not sure I get what you're trying to do... when they click back do you want them to stay logged in or log them out?
when they click back.... i want they logged out. if they need to check account again, they need to login again.
I think he wants them to stay logged out. However, I believe that you cant stop a user pressing the "Back" button, on the log out page you should destroy the users session by using "session_destroy()" although they will still be able to see the contents, they wont be able to go anywhere e.g. Click any links to anywhere else in the "Secure Area" - if it's done correctly, the system should show a "Please log in page" or something similar.
yes... you got it. ya.. that it what i need.... but i don't know how to use "session_destroy()".... can u gave me some example how to use it in this situation. please... i'm a beginner.... thanks...
Hi User, Better to use Java Script in logout page. Paste this Script in head section. <script language="JavaScript"> window.history.forward(1); </script> YOu can't back after logout. if you are maintaining session then remove session. so i am atteching PHP Script. <?php $value='logout.php';// put here logout page name. setcookie("urlvalue", $value, time()-3600); //this code will remove session. ?> if you need any help let me know. u can reach me on this id: Thanks Samir
You should never, ever, ever, ever use a cookie to store session data or if a session is logged out. Below is code for my logout: session_start(); ob_start(); session_destroy(); header("Location: index.php"); ob_flush(); PHP: That will redirect you to "index.php" after the person has logged out . Just place it in a file called logout.php or something like that. Cheers Marc
Try this ..will work <?php // Initialize the session. // If you are using session_name("something"), don't forget it now! session_start(); // Unset all of the session variables. $_SESSION = array(); // If it's desired to kill the session, also delete the session cookie. // Note: This will destroy the session, and not just the session data! if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time()-42000, '/'); } // Finally, destroy the session. session_destroy(); include_once("login.php"); ?> Code (markup):
unset($_SESSION['user_first_name']); unset($_SESSION['user_never_leaves_my_site']); unset($_SESSION['user_seems_suspicious']); unset($_SESSION['user_comes_and_hangs_out_everyday_wtf_theres_nothing_THAT_interesting']); unset($_SESSION['user_hey_you_shouldnt_you_go_eat_go_outside_go_to_the_bathroom']); session_unset();
try to use javascript after you kill your session, after killing your session like $_SESSION[] = array(); or session_destroy, try to put <script>location.replace('index.php');</script> or any other file so that it will redirect to the index.php and try to put on the page where your authentication is working an script the check if there is still a session and check it to the database if you update your database when you are logout or even in session... if the session is empty then you will put another location.replace to go back to the index page. =) hope it helps. =)