session expired -> redirect user to another page.

Hello

I am using the new session management function from PHP4.
session_start()

how do u redirect a user to another page if his session is expired?

here is what i want to do:

1. user Tom enter his correct username and password.
2. my system use session_register() function register a variable in his cookie.
3. user Tom clicked Logout
4. my system use session_destory() function and redirect Tom to the login page.
5. Now, Tom click the 'BACK' button of his browser, a page showed 'page expired, hit reload button ... ...'.

here is my question, how do I redirect Tom to the login page if he clicked the BACK button?

i guess you should use a cookie or somewhat
trigger a variable that shows if the user is logged in or not

------------------

I'm also running into problems with this. The problem is that the script isn't executed when the person clicks the back button, it just displays the same page that was cached. so checking a cookie or variable will not hav e any effect. i'm thinking there might be a way to do this in javascript (preventing the use of the back button entirely), and i posted something to the javascript forum. i'll let you know what i hear.

if anyone else has any ideas, please let us know...

To redirect the user...
header ("Location: Login.php4");

Re your javascript question, you can set the page to timeout();

You should be able to put head tags with nocache option set: Here are some header examples:
<BLOCKQUOTE><font size="1" face="Verdana,Arial,Helvetica">code:</font><HR><pre>
<meta name="ROBOTS" content="INDEX, NOFOLLOW">
<meta http-equiv="refresh" content="3600">
<meta http-equiv="Window-target" content="_top">
[/code]

I can't remember what the cache one is named but it is set with value "nocache".

Then user will be foreced to reload. Or set the refresh to low value, either way hope it helps.

------------------

http://www.php.net/manual/function.header.php

That is where the function header. An important note is that it must come before the body of the page.

This one is also nice: You can put some more useful stuff in your the header-part. This one is very useful to prevent caching:
header ("Expires: Mon, 31 Dec 1990 06:00:00 GMT");
header ("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header ("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header ("Pragma: no-cache"); // HTTP/1.0

------------------

<form>
<input type="button" value="Go" onClick="window.location.replace('nextpage.html');">
</form>

The current pages history entry will be replaced with the nextpage.html and this will also load the nextpage.html.

(originally posted by Spookster)

You can mess around with this to get the desired effect.

Simon

------------------
Simon Wheeler
FirePages -DHTML/PHP/MySQL