用户按下注销并销毁 session 后,如何禁用后退浏览器按钮?
[英]How can I disable the back browser button after user press logout and destroy session?
问题描述
I am having trouble with session_destroy() .
我在使用session_destroy()时遇到问题。
When the User press Log out it have to destroy the session.当用户按下注销时,它必须销毁 session。 I wrote the following code:我写了以下代码:
Logout.php注销.php
<?php
session_start();
session_destroy();
header("location: LoginViewController.php");
?>
After pressing log out , when I press the browser back button it is showing my previous Logined user page and session username in Login.php page按下注销后,当我按下浏览器后退按钮时,它会在Login.php页面中显示我以前的登录用户页面和 session 用户名
Login.php登录.php
<?php
session_start();
$_SESSION['user']= $_GET['username'];
echo '"<div style="background:white; text-align:right"> Login as:'.$_SESSION['user'].'</div>"';
echo '<a href="Logout.php" style="text-align:right">Logout</a>';
LoginViewController.php LoginViewController.php
<?php
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
$Username = $_POST['uname'];
$Password = $_POST['pwd'];
$User_Type=$_POST['type'];
If (!(empty($Username) && empty($Password) && empty($User_Type))){
$model = new UsersModel();
$rowsCount = $model->checkUser($Username,$Password,$User_Type);
if ($rowsCount!=0){
header("location:login.php?username=".$_POST['uname']."");
} else {
echo '<script type="text/javascript">alert("Enter username and password correctly");
window.location.href="LoginViewController.php";</script>';
}
}
I don't know why it is working like that.我不知道为什么它会这样工作。
Please help me to find out where I commit mistake.请帮助我找出我犯错的地方。
I want to disable that browser back button after logout.我想在注销后禁用该浏览器后退按钮。
8 个解决方案
解决方案1
8 已采纳 2013-06-06 12:30:32
login.php page : login.php 页面:
<?php
if (isset($_POST['uname'], $_POST['pwd'], $_POST['type'])) {
$Username = $_POST['uname'];
$Password = $_POST['pwd'];
$User_Type=$_POST['type'];
if (!(empty($Username) || empty($Password) || empty($User_Type)))
{
$model = new UsersModel();
$rowsCount = $model->checkUser($Username,$Password,$User_Type);
if ($rowsCount!=0)
{
$_SESSION['user'] = $Username;
header("Location:LoginViewController.php");
} else {
echo 'Bad user';
}
} else {
echo 'Please, fill all inputs';
}
} else {
echo 'Bad form sent';
}
?>
<form name="f1" method="POST" action="" >
// inputs
</form>
LoginViewController.php :登录视图控制器.php :
<?php
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
if (!isset($_SESSION['user'])) {
header('Location: login.php');
exit();
}
echo 'You have successfully logged as '.$_SESSION['user']
?>
And add the headers to force the browser to revalidate the pages :并添加标题以强制浏览器重新验证页面:
logout.php :登出.php :
<?php
session_start();
session_destroy();
$_SESSION = array();
header("location: login.php");
?>
解决方案2
4 2013-06-06 11:44:02
This is caused by the browser cache that is keeping details in the page, if you refresh the page or you move any further in your private area you will be prompted to login page and you will not be able to see anything, assuming that your login check system is correctly configured.这是由在页面中保存详细信息的浏览器缓存引起的,如果您刷新页面或在您的私人区域中进一步移动,您将被提示登录页面并且您将无法看到任何内容,假设您的登录检查系统配置是否正确。
You can otherwise force the browser to not cache the page and have a new request to the server for the page否则,您可以强制浏览器不缓存页面并向服务器发送新的页面请求
header("Cache-Control: private, must-revalidate, max-age=0");
header("Pragma: no-cache");
header("Expires: Fri, 4 Jun 2010 12:00:00 GMT");
解决方案3
2 2013-06-06 11:43:40
You should do a redirect from your logout script.您应该从您的注销脚本进行重定向。
For example:例如:
header("Location: index.php");
You if user hits back next time, it'll go to the logout.php page again, where you can do the check again and redirect again :) It's an infinite loop if the user tries again.如果用户下次回击,它会再次转到 logout.php 页面,在那里您可以再次进行检查并再次重定向:) 如果用户再次尝试,这是一个无限循环。
解决方案4
1 2013-06-11 05:39:33
Here is my LoginController.php这是我的 LoginController.php
<?php
header("Cache-Control: private, must-revalidate, max-age=0");
header("Pragma: no-cache");
header("Expires: Fri, 4 Jun 2010 12:00:00 GMT");
//If you are submitting the form insert the details into database //如果您正在提交表单将详细信息插入数据库
$Username = $_POST['uname'];
$Password = $_POST['pwd'];
$User_Type=$_POST['type'];
session_start();
If (!(empty($Username) && empty($Password) && empty($User_Type)))
{
$model = new UsersModel();
$rowsCount = $model->checkUser($Username,$Password,$User_Type);
if ($rowsCount!=0)
{
$_SESSION['user'] = $Username;
header("location:login.php");
} else
{
echo '<script type="text/javascript">alert("Enter username and password correctly");
window.location.href="LoginViewController.php";</script>';
}
}
}
?>
Here is my after Login page(login.php).. and displays the session user name and logout link这是我的登录后页面(login.php)..并显示会话用户名和注销链接
<?php
header("Cache-Control: private, must-revalidate, max-age=0");
header("Pragma: no-cache");
header("Expires: Fri, 4 Jun 2010 12:00:00 GMT");
session_start();
if(!isset($_SESSION['user']))
{
header('Location: LoginViewController.php');
exit();
}
echo '"<div style="background:white; text-align:right"> Login as:'.$_SESSION['user'].'
<a href="Logout.php" style="text-align:right">Logout</a></div>"';
?>
Here is my Logout.php这是我的 Logout.php
<?php
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
session_start();
session_destroy();
header("Location: LoginViewController.php");
?>
解决方案5
0 2013-06-06 11:53:03
if (window.history) {
window.history.forward(1);
}
解决方案6
0 2013-06-06 12:41:31
header("Cache-Control: private, must-revalidate, max-age=0");
header("Pragma: no-cache");
header("Expires: Fri, 4 Jun 2010 12:00:00 GMT");
解决方案7
0 2015-09-16 06:14:40
Try this code on all pages except login page and login validation page.在除登录页面和登录验证页面之外的所有页面上尝试此代码。
session_start();
if (!$_SESSION['sesuname']) {
echo "You are not logged in.";
exit();
} else {
/* All other codes must be here */
}
解决方案8
0 2022-09-09 04:15:16
Here is how I stopped backing up in Chrome: I use this function:以下是我停止在 Chrome 中备份的方法:我使用这个 function:
function do_html_url($url) {
echo '
<html>
<body>
<script type="text/javascript">
window.location.replace("'; echo $url; echo '");
</script>
<noscript>Sorry, your browser does not support JavaScript</noscript>
</body>
</html>';
return;
}
Then, in index.php (first page of my site) I set a switch to 0;然后,在 index.php (我网站的第一页)中,我将开关设置为 0; and in the "before" page test if the switch is zero, and if not return control to index.php by calling the function above as do_html_url("index.php").并在“之前”页面中测试开关是否为零,如果不是,则通过调用上面的 function 作为 do_html_url("index.php") 将控制权返回给 index.php。 In the "after" page, set the switch to 1, which will cause the "before" page to reject an attempt to back up to it.在“之后”页面中,将开关设置为 1,这将导致“之前”页面拒绝尝试备份到它。
Example:例子:
- In my first page (index.php): $_SESSION['needoffersw']=0;在我的第一页(index.php)中: $_SESSION['needoffersw']=0;
- In my later "before" page: if ($_SESSION['needoffersw'].=0) {do_html_url("index;php");}在我后来的“之前”页面中: if ($_SESSION['needoffersw'].=0) {do_html_url("index;php");}
- In my "after" page: if ($_SESSION['needoffersw'];=0;在我的“之后”页面中: if ($_SESSION['needoffersw'];=0;
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.