How to prevent php from returning the page after logging out?

Question

How to prevent php from returning the page after logging out?

I was protecting a page for level 3 users. Level 1 -> admin = datapegawai.phplevel 2 -> owner Level 3 -> employee. When I return it after logging out, this page (datapegawai.php) will always return.
<?php session_start(); unset($_SESSION['user']); session_destroy();echo"<meta http-equiv='refresh'content='0; url=login.php'>";?>

http://pastebin.com/AvF0PmCk

+3

html php mysql session logout

Ayuktia Dec 11. 14 at 18:22

source to share

2 answers

do not use echo"<meta

....

instead use

header("Location:MynewURL");

(and also after closing?> add a lot

<!-- dummy -->

as IE doesn't recognize in a good way the title tag when it had less than some kb

0

BredeBS Dec 11. 14 at 18:25

source to share

MANISH ZOPE · Accepted Answer · 2014-12-11T18:31:54+0000

@Ayuktia: You are killing the session. So when you push back. The browser shows the cached page. Do the following things.

1) Pages behind login, check if the session exists. Unless you redirect it to the login page.

2) Use headers that tell the browser not to cache pages that require authentication.

header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past

3) Use permanent header redirection.

header("Location: login.php",TRUE,302); 
die();

How to prevent php from returning the page after logging out?

More articles: