I'm trying to close a session without the logged in surfer clicking "log out" (through a onunLoad javascript function which loads i different php document with the otherwise working php code for destryoing a session). I have a working "Log out" link which destroys the session and the variables in it but if the surfer doesn't click on it the session variables are still there and they can go back through their browser history and continue their session as logged in!
So, how to destroy a session wihtout beeing able to control where the surfer clicks? I´ve gone through the documents and FAQ's without understanding any solution so I'd be most grateful for any help! Regards, Ake Svensson, aspiring database designer (MySQL/PHP/Linux)
