1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Disable back button after logout?

Discussion in 'JavaScript and AJAX' started by aspguy, May 12, 2009.

  1. aspguy

    aspguy New Member

    Joined:
    May 2, 2005
    Messages:
    59
    Likes Received:
    1
    Trophy Points:
    0
    I would not want my users when logout use the back button and see the user content once again. How can I disable back button after logout?

    I thought of something like this

    <BODY onload="history.go(+1)" >

    but any other option you would suggest ?
     
  2. shabbir

    shabbir Administrator Staff Member

    Joined:
    Jul 12, 2004
    Messages:
    15,287
    Likes Received:
    364
    Trophy Points:
    83
    Why would you want to be doing that but I would suggest its better of clearing the cookies / session and so if back is hit then it refreshes from server and not the cached version of the page is rendered.
     
  3. akshits

    akshits New Member

    Joined:
    May 10, 2009
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    0
    Hello,

    Disabling the back button is 101% unrealistic. A long way to do so is:-

    1> Your logout link must be like:-

    Code:
    <a href="logout.jsp" target="_new" onclick="location.replace('browserClose.php');">Logout</a>
    Will open a new tab in Mozilla and a new window in IE. On click the open window will goto "browserClose.php"

    Other way is using the following on each page to prevent page caching:-

    Code:
    
    <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
    <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
    <META NAME="ROBOTS" CONTENT="NONE"> 
    <META NAME="GOOGLEBOT" CONTENT="NOARCHIVE">
    
    
    -or-

    Code:
    
    <?php
    
    function setExpires($expires) {  
     header(  
       'Expires: '.gmdate('D, d M Y H:i:s', time()+$expires).'GMT');  
    }  
    setExpires([I]timing needed[/I]);  
    ?>
    
    
    Regards
     
    shabbir likes this.
  4. akshits

    akshits New Member

    Joined:
    May 10, 2009
    Messages:
    23
    Likes Received:
    2
    Trophy Points:
    0
    The meta tags must also be on page includes.
    Sorry.

    Regards,
    Akshit Soota
     
  5. gkumar

    gkumar New Member

    Joined:
    Jun 16, 2009
    Messages:
    58
    Likes Received:
    5
    Trophy Points:
    0
    I have seen this question asked many times in forums, but I either don't understand the solution, or I try the solution, and it doesn't work. Here goes:

    I have a cookie login script, but whenever I expire the session cookie, the user can still hit the back button, and see the last page. I want to be able to clear the cache, or use some other method to disable the back button. I don't want to use javascript, because that can be disabled by the user. I especially want to use this when a user deletes their account.

    I currenty have a logout perl script that redirects to a web page after the cookie is expired.

    The latest thing I saw in a forum and tried, is to put the following in all the pages to expire the cache, but it doesn't work:

    Code:
    <meta http-equiv="pragma" content="no-cache" /> 
    <meta http-equiv="expires" content="0" />
    I know there has to be a way to do this right, because it's used with secure servers all the time. After you log out, if you hit the back button, it shows "session expired".

    Does anyone know how the pro's are doing this? Thanks!

    Also, could someone tell me how you can get this forum to instant email you everytime someone replies? It usually only does it once for me. I use the instant email setting when I submit a thread.
     
  6. james4u

    james4u New Member

    Joined:
    Feb 9, 2011
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    I faced the similar issue in implementing this and fixed by adding the following in the Cache-control

    Code:
    "Cache-Control", "no-store, no-cache, must-revalidate"
     

Share This Page