Sukumar S. wrote:
> Dear Adam,
>
> Are you using 'realm' authentication setup?
Advertising
Yes I am.. any ideas?
>>My Setup Specs
>>--------------
>>
>>PHP 4.1.1, MySQL 3.23.36, & Apache 1.3.19 with mod_auth_mysql on OpenBSD
>>3.0 (OS).
>>
>>Issue
>>-----
>>
>>Scenerio: User provides user_id and password. user_id and password are
>>checked against the database (MySQL). If authentication is true the a
>>session is started based on thier user_id. If autehentication is false
>>Error 403 is displayed to user.
>>
>>How do you destroy a session/user authentication so the user can not use
>>the browser back button? I have session_destroy() which seems to work
>>fine (deletes session files in /tmp) but when you press the browser back
>>button the exact session that was supposidly destroied is created again.
>>I've tried using unset() to reset variables but that doesn't seem to
>>work either. Any ideas... please epxplain this to me. I'm total lost why
>>this isn't working. BTW, I'm using cookies. Another question I would
>>have is.. to kill the cookie do I have to use set_cookie to remove the
>>cookie from the users browser or is this also destroied in the
>>session_destroy process? If it is suppose to be why is it not doing so?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]