How to prevent pages from being loaded by the browser after logging out

Asked

Viewed 61 times

0

I’m trying to make an academic site where users need to log in (login page :pagina.php) there will be directed to the page(name.php) where you connect to the bank and if you have the registration goes to the site.php, and then where you will log out(logoutt.php)but when I log out and press the browser back button (instead of directing me to login where I should log in again), it is going to the page (site.php). If you can help me.

Note: I am still learning, this site is more to learn in practice`

Pagina de login:

<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
  </head>
  <body>
     <div class="login">
    <form method="POST" action= 'nome.php'>
<label class="bottom">Login: </label><input type="text" name="login" id="login"><br>
<label>Senha: </label><input type="password" name="senha" id="senha"><br>
<input type="submit" value="login" id="login" name="login">
</form>
  </div>
  
</body>
</html>

pagina enquanto estar logado:

<!DOCTYPE html>
<html>
<head>
	<?php
session_start();
if((!isset ($_SESSION['login'])) and (!isset ($_SESSION['senha'])))
{
    unset($_SESSION['login']);
    unset($_SESSION['senha']);
    header('location:index.php');
    }
?>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>SISTEMA WEB</title>
</head>
 
<body>
<table width="800" height="748" border="1">
  <tr>
    <td height="90" colspan="2" bgcolor="#CCCCCC">SISTEM WEB TESTE
      
	Olá <?$_SESSION['login']?>! <a href="logoutt.php"/>Logout!</a>
    </td>
  </tr>
  <tr>
    <td width="103" height="410" bgcolor="#CCCCCC">MENU AQUI</td>
    <td width="546">CONTEUDO E ICONES AQUI</td>
  </tr>
  <tr>
    <td colspan="2" bgcolor="#000000"> </td>
  </tr>
</table>
</body>
</html>

Pagina de logout:

<?php
session_start();
session_unset();
unset($_SESSION["login"]);
unset($_SESSION["senha"]);
session_destroy();
?>

1 answer

3


Just put a protective function on each page that should be protected. example

<?php     
  if(!isset($_SESSION['id'])){
    header('Location: /pagina.php');
    exit();
  }    
?>

If there is no $_SESSION['id']; he sends the guy to /php page.

as soon as the guy enters the correct login and password, put the database database ID, on $_SESSION['id']

and when the guy accesses the logou.php just destroy the session using session_detroy(); and then a header('Location: /pagina.php');

Browser other questions tagged

You are not signed in. Login or sign up in order to post.