Sukumar S. wrote:

> Dear Adam,
>     Are you using 'realm' authentication setup?

Yes I am.. any ideas?

>>My Setup Specs
>>PHP 4.1.1, MySQL 3.23.36, & Apache 1.3.19 with mod_auth_mysql on OpenBSD 
>>3.0 (OS).
>>Scenerio: User provides user_id and password. user_id and password are 
>>checked against the database (MySQL). If authentication is true the a 
>>session is started based on thier user_id. If autehentication is false 
>>Error 403 is displayed to user.
>>How do you destroy a session/user authentication so the user can not use 
>>the browser back button? I have session_destroy() which seems to work 
>>fine (deletes session files in /tmp) but when you press the browser back 
>>button the exact session that was supposidly destroied is created again. 
>>I've tried using unset() to reset variables but that doesn't seem to 
>>work either. Any ideas... please epxplain this to me. I'm total lost why 
>>this isn't working. BTW, I'm using cookies. Another question I would 
>>have is.. to kill the cookie do I have to use set_cookie to remove the 
>>cookie from the users browser or is this also destroied in the 
>>session_destroy process? If it is suppose to be why is it not doing so?

PHP General Mailing List (
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to