php 用户按下注销并销毁会话后,如何禁用后退浏览器按钮?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/16961202/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How can i disable the back browser button after user press logout and destroy session?
提问by Kvk Ganesh
I am having trouble with session_destroy().
When the User press Log outit have to destroy the session. I wrote the following code:
我遇到了麻烦session_destroy()。
当用户按下注销时,它必须销毁会话。我写了以下代码:
Logout.php
登出.php
<?php
session_start();
session_destroy();
header("location: LoginViewController.php");
?>
After pressing log out, when I press the browser back button it is showing my previous Logined user page and session username in Login.phppage
按注销后,当我按浏览器后退按钮时,它会在Login.php页面中显示我以前登录的用户页面和会话用户名
Login.php
登录.php
<?php
session_start();
$_SESSION['user']= $_GET['username'];
echo '"<div style="background:white; text-align:right"> Login as:'.$_SESSION['user'].'</div>"';
echo '<a href="Logout.php" style="text-align:right">Logout</a>';
LoginViewController.php
登录视图控制器.php
<?php
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
$Username = $_POST['uname'];
$Password = $_POST['pwd'];
$User_Type=$_POST['type'];
If (!(empty($Username) && empty($Password) && empty($User_Type))){
$model = new UsersModel();
$rowsCount = $model->checkUser($Username,$Password,$User_Type);
if ($rowsCount!=0){
header("location:login.php?username=".$_POST['uname']."");
} else {
echo '<script type="text/javascript">alert("Enter username and password correctly");
window.location.href="LoginViewController.php";</script>';
}
}
I don't know why it is working like that.
Please help me to find out where i commit mistake.
我不知道为什么它会这样工作。
请帮我找出我犯错的地方。
I want to disable that browser back button after logout.
我想在注销后禁用该浏览器后退按钮。
采纳答案by Brewal
login.php page :
login.php 页面:
<?php
if (isset($_POST['uname'], $_POST['pwd'], $_POST['type'])) {
$Username = $_POST['uname'];
$Password = $_POST['pwd'];
$User_Type=$_POST['type'];
if (!(empty($Username) || empty($Password) || empty($User_Type)))
{
$model = new UsersModel();
$rowsCount = $model->checkUser($Username,$Password,$User_Type);
if ($rowsCount!=0)
{
$_SESSION['user'] = $Username;
header("Location:LoginViewController.php");
} else {
echo 'Bad user';
}
} else {
echo 'Please, fill all inputs';
}
} else {
echo 'Bad form sent';
}
?>
<form name="f1" method="POST" action="" >
// inputs
</form>
LoginViewController.php :
登录视图控制器.php :
<?php
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
if (!isset($_SESSION['user'])) {
header('Location: login.php');
exit();
}
echo 'You have successfully logged as '.$_SESSION['user']
?>
And add the headers to force the browser to revalidate the pages :
并添加标题以强制浏览器重新验证页面:
logout.php :
登出.php :
<?php
session_start();
session_destroy();
$_SESSION = array();
header("location: login.php");
?>
回答by Fabio
This is caused by the browser cache that is keeping details in the page, if you refresh the page or you move any further in your private area you will be prompted to login page and you will not be able to see anything, assuming that your login check system is correctly configured.
这是由在页面中保存详细信息的浏览器缓存引起的,如果您刷新页面或在您的私人区域中进一步移动,您将被提示登录页面并且您将无法看到任何内容,假设您的登录检查系统配置是否正确。
You can otherwise force the browser to not cache the page and have a new request to the server for the page
否则,您可以强制浏览器不缓存页面并向服务器发送新的页面请求
header("Cache-Control: private, must-revalidate, max-age=0");
header("Pragma: no-cache");
header("Expires: Fri, 4 Jun 2010 12:00:00 GMT");
回答by wintercounter
You should do a redirect from your logout script.
您应该从您的注销脚本进行重定向。
For example:
例如:
header("Location: index.php");
You if user hits back next time, it'll go to the logout.php page again, where you can do the check again and redirect again :) It's an infinite loop if the user tries again.
如果用户下次回击,它会再次转到 logout.php 页面,在那里您可以再次进行检查并再次重定向:) 如果用户再次尝试,这是一个无限循环。
回答by Kvk Ganesh
Here is my LoginController.php
这是我的 LoginController.php
<?php
header("Cache-Control: private, must-revalidate, max-age=0");
header("Pragma: no-cache");
header("Expires: Fri, 4 Jun 2010 12:00:00 GMT");
//If you are submitting the form insert the details into database
//如果您正在提交表单将详细信息插入数据库
$Username = $_POST['uname'];
$Password = $_POST['pwd'];
$User_Type=$_POST['type'];
session_start();
If (!(empty($Username) && empty($Password) && empty($User_Type)))
{
$model = new UsersModel();
$rowsCount = $model->checkUser($Username,$Password,$User_Type);
if ($rowsCount!=0)
{
$_SESSION['user'] = $Username;
header("location:login.php");
} else
{
echo '<script type="text/javascript">alert("Enter username and password correctly");
window.location.href="LoginViewController.php";</script>';
}
}
}
?>
Here is my after Login page(login.php).. and displays the session user name and logout link
这是我的登录后页面(login.php)..并显示会话用户名和注销链接
<?php
header("Cache-Control: private, must-revalidate, max-age=0");
header("Pragma: no-cache");
header("Expires: Fri, 4 Jun 2010 12:00:00 GMT");
session_start();
if(!isset($_SESSION['user']))
{
header('Location: LoginViewController.php');
exit();
}
echo '"<div style="background:white; text-align:right"> Login as:'.$_SESSION['user'].'
<a href="Logout.php" style="text-align:right">Logout</a></div>"';
?>
Here is my Logout.php
这是我的 Logout.php
<?php
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
session_start();
session_destroy();
header("Location: LoginViewController.php");
?>
回答by Arwin
Try this code on all pages except login page and login validation page.
在除登录页面和登录验证页面之外的所有页面上尝试此代码。
session_start();
if (!$_SESSION['sesuname']) {
echo "You are not logged in.";
exit();
} else {
/* All other codes must be here */
}
回答by Linda George
header("Cache-Control: private, must-revalidate, max-age=0");
header("Pragma: no-cache");
header("Expires: Fri, 4 Jun 2010 12:00:00 GMT");
回答by Manjunath
if (window.history) {
window.history.forward(1);
}
