session is not destroyed

Question

i have this file

secure.php

session_start();
if(empty($_SESSION[\'u_name\'])) {
    header(\"Location:emprego.php\");
}

if(isset($_GET[\'logout\'])) {
         


        

Answer 1

Your browser keeps a copy of the page in cache. When you click the back button, you are seeing the local cached copy, not the current page from the server. If your security is set up properly, you will not be able to do anything meaningful from that cached page.

It is for this reason that secure websites (bank sites, for example) tell you to log off and clear your cache (or close the browser) after you log out.