i have a problem with my login page

simon2x1

New Member

Join Date: Dec 2008
Posts: 123

i have a problem with my login page

May 9 '09, 11:50 AM

i have two page the login page(login.php) and the userpanel page(userpanel. php)
in the login page whenever i put in the username and password then i click submit
it will get the userpanel page but the problem is whenever i am in the userpanel page and i click the back option on top of the browser it will take me back to the login page how can i fix this problem

Code:

<?
login.php
session_start();
 
if(isset($_GET['try'])) {
 
	If(empty($_POST['username']) OR empty($_POST['password'])) {
 
		echo 'Please fill in all the required fields';
 
	} else {

		$username = mysql_real_escape_string($_POST['username']);
		$password = md5($_POST['password']);

		$query = mysql_query("SELECT id FROM account
					   WHERE username = '" . $username . "' 
					   AND password = '" . $password . "'
					  ") or die(mysql_error());

		list($user) = mysql_fetch_row($query);
		if(empty($user)) {
 
			echo 'No combination of username and password found';
 
		} else {
 
			$_SESSION['user'] = $user;
			header('location: userpanel.php');
 
		}		
 
	}
 
}
?>

Tags: None

Markus

Recognized Expert Expert

Join Date: Jun 2007

Posts: 6092
#2

May 9 '09, 12:51 PM

Why is this a problem? People frequently make an issue out of this when there isn't an issue, much like the 'logged out, but can still press back button to view pages.'

Pages are stored in a browsers cache to make page loading faster and to provide the back and forward button feature, but that is all they're seeing: a cached page. If a user where to then try some functionality on the page, e.g., clicking a link, etc., providing you had the correct validation measures in place, you would be able to see that the user isn't logged in (or is) and take the appropriate action.

Mark.
Comment

i have a problem with my login page

i have a problem with my login page

Comment