I am using session after the login into the page and I have made logout page, i have written following code in logout page. <?php session_start(); session_unset(); header("Location"index.php"); ?> but when i click back button of browswer after logout it shows last page contents how can i avoid it?
Check some session variable that has to have a value, on every page you want protected by sessions (at the very top of the page, right after the <?php tag and session_start()). If the variable doesn't have a value (is null, or is blank or however you want to do it), redirect to the login page. (I use the login name - I carry it as a session variable, and I destroy it on logout.) Since the redirect is done in PHP, the user will never see the actual page, just the login page.