Posted by Jerry Stuckle on 11/01/06 12:43

crescent_au@yahoo.com wrote:
> Michael Fesser wrote:
>
>>>People can just go back
>>>and access the pages inspite of being logged out.
>>
>>Of course they can go back in the browser history, but if they're logged
>>out they shouldn't be able to do anything on that expired page anymore.
>>
>
>
> In my case, when I press the browser's back button, it takes me to the
> previous logged-in screen. In addition to that, the previous session,
> token and IP are also stored in the database. I think this shouldn't
> happen once the database is cleared of these entries when logged out.
> Any thoughts?
>

Check this again and you will find you are mistaken here. When you
press the back button, everything is being done on the client. There is
no communication with the server.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

• Next in forum: Re: not displaying null data when using number_format
• Prev in forum: Re: need help with logout (logout not perfect)
• Thread view: Re: need help with logout (logout not perfect)

[Reply to this message]