1. We have moved from vBulletin to XenForo and you are viewing the site in the middle of the move. Though the functional aspect of everything is working fine, we are still working on other changes including the new design on Xenforo.
    Dismiss Notice

Disable back button after logout?

Discussion in 'JavaScript and AJAX' started by aspguy, May 12, 2009.

  1. aspguy

    aspguy New Member

    I would not want my users when logout use the back button and see the user content once again. How can I disable back button after logout?

    I thought of something like this

    <BODY onload="history.go(+1)" >

    but any other option you would suggest ?
  2. shabbir

    shabbir Administrator Staff Member

    Why would you want to be doing that but I would suggest its better of clearing the cookies / session and so if back is hit then it refreshes from server and not the cached version of the page is rendered.
  3. akshits

    akshits New Member


    Disabling the back button is 101% unrealistic. A long way to do so is:-

    1> Your logout link must be like:-

    <a href="logout.jsp" target="_new" onclick="location.replace('browserClose.php');">Logout</a>
    Will open a new tab in Mozilla and a new window in IE. On click the open window will goto "browserClose.php"

    Other way is using the following on each page to prevent page caching:-


    function setExpires($expires) {  
       'Expires: '.gmdate('D, d M Y H:i:s', time()+$expires).'GMT');  
    setExpires([I]timing needed[/I]);  
    shabbir likes this.
  4. akshits

    akshits New Member

    The meta tags must also be on page includes.

    Akshit Soota
  5. gkumar

    gkumar New Member

    I have seen this question asked many times in forums, but I either don't understand the solution, or I try the solution, and it doesn't work. Here goes:

    I have a cookie login script, but whenever I expire the session cookie, the user can still hit the back button, and see the last page. I want to be able to clear the cache, or use some other method to disable the back button. I don't want to use javascript, because that can be disabled by the user. I especially want to use this when a user deletes their account.

    I currenty have a logout perl script that redirects to a web page after the cookie is expired.

    The latest thing I saw in a forum and tried, is to put the following in all the pages to expire the cache, but it doesn't work:

    <meta http-equiv="pragma" content="no-cache" /> 
    <meta http-equiv="expires" content="0" />
    I know there has to be a way to do this right, because it's used with secure servers all the time. After you log out, if you hit the back button, it shows "session expired".

    Does anyone know how the pro's are doing this? Thanks!

    Also, could someone tell me how you can get this forum to instant email you everytime someone replies? It usually only does it once for me. I use the instant email setting when I submit a thread.
  6. james4u

    james4u New Member

    I faced the similar issue in implementing this and fixed by adding the following in the Cache-control

    "Cache-Control", "no-store, no-cache, must-revalidate"

Share This Page