Sukumar S. wrote: > Dear Adam, > > Are you using 'realm' authentication setup?
Yes I am.. any ideas? >>My Setup Specs >>-------------- >> >>PHP 4.1.1, MySQL 3.23.36, & Apache 1.3.19 with mod_auth_mysql on OpenBSD >>3.0 (OS). >> >>Issue >>----- >> >>Scenerio: User provides user_id and password. user_id and password are >>checked against the database (MySQL). If authentication is true the a >>session is started based on thier user_id. If autehentication is false >>Error 403 is displayed to user. >> >>How do you destroy a session/user authentication so the user can not use >>the browser back button? I have session_destroy() which seems to work >>fine (deletes session files in /tmp) but when you press the browser back >>button the exact session that was supposidly destroied is created again. >>I've tried using unset() to reset variables but that doesn't seem to >>work either. Any ideas... please epxplain this to me. I'm total lost why >>this isn't working. BTW, I'm using cookies. Another question I would >>have is.. to kill the cookie do I have to use set_cookie to remove the >>cookie from the users browser or is this also destroied in the >>session_destroy process? If it is suppose to be why is it not doing so? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
