Posted by Nacho on 10/12/06 11:47

Hello people

I have the following problem

I have a private area in my site.
The user enters the username and password, then clicks "enter" and the
session is created and also a session variable is created and set to
true.
Every page of the private area, checks whether this session variable is
set to true and then if so, it gives you access, otherwise it redirects
to a noaccess page.
The user moves arround the private area, do whatever he/she has to do
and then logs out. Then the session is destroyed and the session
variable also.

Now if the user clicks the back button of the explorer, is redirected
to a noaccess page, fine, and so on as long as the user navigates back
in the session, but when the user gets to the log on page, it recovers
the POSTDATA and sets againg the session variable to true and anyone
can see then the private area.

I have set the page not to be cached, but it does not work,.....

Does anyonw how to solve this problem??

Thanks

• Next in forum: Re: visibility matter on converting object to array
• Prev in forum: how to run php code within string?
• Thread view: Problem with a session

[Reply to this message]