>I can logout with session_unregister - but w00t about the back button? > >This is probably so trivial that it has been discussed before, if anyone >has some knowledge or link at hand mind passing it on? Thanks.
If you are using Cookies, then everything is fine. Their cookies will be gone, and the back button will not alter that. If you pass the SID through the URL, and do session_unregister, again, they'll "see" the old data maybe, but as soon as they move forward, the "new" data will be in force. If you're worried about the back button and Security, you can try some headers() to convince the browsers not to cache (search archives for "no-cache") but the bottom line is going to be "User Education" They either *quit* the browser, or risk that it's a stupid broken browser that ignored your request not to cache the data. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
