Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

log out help


  • Please log in to reply
2 replies to this topic

#1 KamakaZ

KamakaZ

  • Members
  • 739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria
  • Local time:09:09 PM

Posted 30 January 2009 - 12:07 AM

I have a log in script that set's a cookie, each page they visit looks for this cookie, if they don't have it, they are directed to the log in screen. When user's log out it runs the script below to delete the cookie, which works fine.

<?php 
$past = time() - 200; 
//this makes the time in the past to destroy the cookie 
setcookie(ID_my_site, gone, $past); 
setcookie(Key_my_site, gone, $past); 
header("Location: /gaming/index2.php"); 
?>

Problem is that the pages they have visited can still be seen if they haven't closed there browser because it stores them in temp internet files. Is there a way to delete it from temp internet files, or make it get an updated version of the page each time they try to access it?

I think i've seen it done before in the (html) header, it sets a time on how long the page is valid for or something?

There's no place like 127.0.0.1
There are 10 types of people in the world, those that can read binary, and those who can't.


BC AdBot (Login to Remove)

 


#2 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:04:09 AM

Posted 30 January 2009 - 08:47 AM

You can't control browser behavior and make it delete anything. You can try to set the page to not cache, which works with varying degrees of success.

#3 KamakaZ

KamakaZ
  • Topic Starter

  • Members
  • 739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria
  • Local time:09:09 PM

Posted 01 February 2009 - 11:41 PM

I ended up finding this on the net:

header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Mon, 23 Jun 1986 12:00:00 GMT"); // This date is in the past.
header("Pragma: no-cache");

it works rather nicely.

There's no place like 127.0.0.1
There are 10 types of people in the world, those that can read binary, and those who can't.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users