page protection not working right in safari

Question

GraficRegret 0 Junior Poster

11 Years Ago

so the page protection code I finally got to work is working properly in all the browsers however with safari after I log out i can click the back button and get into the protected pages and change things, however once the submit button is hit or the page is left a second time, then the protection kicks in, however this is to late if someone has already made the changes that they want to. Anyone with any ideas to fix this? here is the code protecting the page:

<?php
session_start();
include 'conection_code.php';
if(isset($_SESSION['user_id']))
{
?>

Web page code is placed here, then there is an else statment.

<?php
}else
{
    echo "<br /><br /><br /><br />";
    echo "<strong><center>"."You Are Not Authorized To view This Page......<a href='admin.php'>Please Login First !!</a>"."</center></strong>";
}
?>

php

2 Contributors
6 Replies
123 Views
2 Hours Discussion Span
Latest Post 11 Years Ago Latest Post by GraficRegret

gon1387 22 Newbie Poster

11 Years Ago

Hi GrapficRegret,

Have you checked the script file where you accept the changes(data) if it also has protection not to process incomming data if they're not authenticated and authorized?

gon1387 22 Newbie Poster

11 Years Ago

Yup, they shouldn't, I think the one that was reloaded was a cached page. I was refering to the "changed things" you were referring to; I pressumed there were writing on either your DB or some data storage.
Anyway, you can control the way the browser caches your pages. But then it will be a pain in the ass for the server if not configured well.

changes
I forgot to tell you about the PRG pattern. Try to use it to avoid refresh problem with form resubmission. Here's a reference to get you started:
PRG pattern

Edited 11 Years Ago by gon1387

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

GraficRegret 0 Junior Poster · Answer 1 · 2012-12-24T15:44:00+00:00

they shouldnt be able to get back to the page to begin with, i will try adding validation to the insert script too but that still doesnt solve that they should not be able to get to the page with the back button to begin with, thanks for the advice

GraficRegret 0 Junior Poster · Answer 2 · 2012-12-24T17:13:32+00:00

ok thank you I will check that out, however it is still not working right, is there any way to force the page to refresh just once after hitting the back button? then the problem would be solved.

gon1387 22 Newbie Poster · Answer 3 · 2012-12-24T17:26:31+00:00

is there any way to force the page to refresh just once after hitting the back button?

In PHP, none. :)

GraficRegret 0 Junior Poster · Answer 4 · 2012-12-24T17:42:46+00:00

thats ok I just needed to add onUnload="window.addEventListener("unload", invalidateBackCache, true), into the body tag, thanks for your time.