I am making a SESSIONS-based user authentication system. I created a function that does the LOGOUT which looks like this:
session_destroy(); // Cancela/Exclui a sessão iniciada
unset($_SESSION['usuario']);
?>
<script type="text/javascript">
location.href='index.php';
</script>
But by clicking the browser's "back" button, the script is not pointing to the home page. I put the following code on the protected page:
session_start();
if(!isset($_SESSION['usuario'])){
header("Location: index.php?error=2");
}
On the authentication page, my code looks like this:
$usuario= $row["usuario_id"];
$nivel = $row["nivel_usuario"];
$nome = $row["nome"];
$fnc = $row["funcao"];
session_start();
if($nivel == 2 ){
$_SESSION['adm'] = "$nome";
$_SESSION['usuario'] = "$usuario";
} else {
$_SESSION['nor'] = "$nome";
$_SESSION['usuario'] = "$usuario";
}
echo '<script type="text/javascript">window.location = "pages/index.php?fnc=' . $fnc . '"</script>';
}
} else {
echo '<script type="text/javascript">window.location = "index.php?erro=2"</script>';
}
}