Your login.php uses the POST method to send the username and password to
main.php. In general this is a good idea, because you do not want someone's
password available from the URL. If you used the GET method you would not
have a problem with the page expiring, but the password would be available
in the URL.
I do not know of any way to get around this problem, browsers do not
automatically resend POST data as a security measure. This is a good thing.
In order to get around this you need to change the logic of your scripts.
Put the verification and session code in login.php. Login.php should check
for the username and password variables. If they do not exist just show the
login form. If they do exist, check them for validity and if they are valid
redirect to that page.
Gustavo Luis Pereira Verly <[EMAIL PROTECTED]> wrote in
> ----- Original Message -----
> From: "Gustavo Luis Pereira Verly" <[EMAIL PROTECTED]>
> To: "PHP" <[EMAIL PROTECTED]>
> Sent: Tuesday, November 13, 2001 2:26 PM
> Subject: [PHP] Expiration problem
> > Hi everybody, this is my first time writing in this list.
> > I have the next problem:
> > I have a page called
> > login.php
> > and when I log in, there's a new page who receive the user and the
> > password, and this page is called
> > main.php
> > This page, check if the user have a valid account and a password; and if
> > this is OK, then make a session for the user. This work OK; but, from
> > main.php I go to a link in the same page, but with a new parameter, for
> > example: <a href="main.php?option=1"> and the page showme another
> > (because this new screen only appears when I put the "option=1" as
> > parameter); and this also OK.
> > The problem appears when I make click on the BACK BUTTON from my
> > and the browser go back from "main.php?option=1" to the "main.php" page,
> > get me a error:
> > the page was expire, you have to click REFRESH button on
> > browser to send the information again.
> > (( or sometime like that; I don't remember the exacts words, 'cause is a
> > spanish Internet Explorer ))
> > Can somebody helpme with this problem?
> > Thanks
> > Gustavo Pereira
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]