Gossamer Forum
Home : Products : DBMan : Discussions :

Add-on to logoff ... Still need a little help

Quote Reply
Add-on to logoff ... Still need a little help
Hi all

I added the tweak to db.cgi that prevents a user from going [back] in the browser history and doing things after logoff. However - this is easily circumvented if a user goes all the way back in a browser history to the screen where the UID/pw was first typed in; what happens is that the UID/pw is still retained in the input fields, so really anyone can still login. Can this be fixed? Or does it require cookies?

I had added
unlink ("$auth_dir/$uid");
For the first modification, and it works fine for its purposes, but I'd like its function to be expanded if possible. .. (?)