avoid go back after logout

Question

i found these questions, where the op has the same problem than me.

1 2

However, i can\'t solve my problem. The user press logout button, then the page is redi

Answer 1

Even though the user can press the back button and see the previous page which was protected by login, doesn't mean the user is logged in again. They can't do anything - it is just a static copy of a page they previously viewed.

It is normal behaviour that the user can press the back button and see previous pages, and sites should not attempt to break this. It is a browser feature.

In most circumstances, it is safe to allow the back button to operate normally even while a user is logged in. Breaking the back button while a user is logged in would have bad usability consequences for the user. In order to prevent a user returning to a page after logging out, you'd have to make sure all pages they view while logged in cannot be returned to with the back button, which breaks the back button for their entire session.

There are methods you can use to try and disable the back button for logged in sessions, such as by declaring a page to be uncacheable (and unstorable). These may or may not offer varying degrees of protection against back button use. There are plenty of other questions on stackoverflow about disabling the back button - if you want to ignore advice and try to prevent it, please check it out.

Answer 2

you can try the following: create a session table where you store a session_id. when a user logs in, you create a session_id and store session id in the $_SESSION. every page you load, first you check if the session_id is available in the database. if not you go to the logging page. otherwise you load page and at the time of logout you delete session_id from database.

even though you can use the backbutton to go back no operation will be possible. you can also make the page non-cachable