When they click logout, remove the marker from the database that specify
they are logged in.
Then you must on all pages see if this marker is either 'on' or 'off'. But
sessions would be better for this since it is one sql query less. Just
unregister the variable on logout and check with:
if (!session_is_registered('user_logged')) {
// Anything for non logged users, for example:
header('Location: login.php');
}
Being 'user_logged' the varibale name you will register when they logged
in.
--
Julio Nobrega
A hora está chegando:
http://toca.sourceforge.net
"John Martin Alfredsson" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi !
>
> I have a site where I do the user autentication myself. (I auth
> against a database). I want to be able to let a user logout, that is
> when the user is logged out she/he should not be able to just
> press the back button in the browser to get back or use a cached copy
> of the login screen.
>
> How do I do this ?
> The Server is IIS and PHP is 4.0.6.
>
> /Martin
> jma(at)jma.se
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
