mrsrinivas
mrsrinivas

Reputation: 35454

how to remove browser history in codeigniter?

Hi I am working on a project (PHP-CodeIgniter, MySQL). In my application I am creating session for users data(userid, username) after successful login by the user and unset the session after signout.

"Here the main problem if i click on back button of browser I can able to see the previously visited pages in my application after signout also".

How can prevent this with codeigniter?

Thanks in advance

Upvotes: 1

Views: 4158

Answers (3)

mrsrinivas
mrsrinivas

Reputation: 35454

Just add these lines in .htaccess after RewriteEngine on

<Files *>
    Header set Cache-Control: "private, pre-check=0, post-check=0, max-age=0"
    Header set Expires: 0
    Header set Pragma: no-cache
</Files>

I prefer this because we need to add this at only one place(.htaccess) and it affect the entire application.

Upvotes: 0

Dan Murfitt
Dan Murfitt

Reputation: 1039

There are some JavaScript ways of stopping the use of the back button (as Raheel mentioned) but reliable control over this sort of behaviour could be tricky. If a user was on a page and could see it, there is nothing to stop them taking a screenshot, for example.

You should also make sure you are sending the correct headers to stop the page being cached:

$this->output->set_header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
$this->output->set_header("Cache-Control: no-store, no-cache, must-revalidate");
$this->output->set_header("Cache-Control: post-check=0, pre-check=0", false);
$this->output->set_header("Pragma: no-cache");  

Source: http://codeigniter.com/forums/viewthread/137096/#675799

Even with this, I'm not sure if all browsers will obey the headers, but it's a good start.

Upvotes: 7

Muhammad Raheel
Muhammad Raheel

Reputation: 19882

When you are logged out although you can visit the previous page but can not perform an activity. If you perform any activity it should first redirect you to login page.

Upvotes: 1

Related Questions