login page dilemma

chrianne29

I'm having a hard time creating a login page. Every time I login and access the home page then click logout, when I press the back button of the browser it will go back to the home page even though I already clicked the logout button. I already used unset session_id and session_destroy but nothing happens.

here is my code for the login page:

<?php
session_start();
include ("class.php");

$conn_db = new db_conn;

if(isset($POST['login']))
{
$login = new login;
$login->new_login();
$login->username = $POST['username'];
$login->password = $_POST['password'];
}

?>
<html>
<body>
<form action="login.php" method="post">
<table>
<tr>
<td><p>Username: </p></td>
<td><input type="text" name="username" /></td>
</tr>
<td><p>Password: </p></td>
<td><input type="password" name="password" /></td>
</tr>
<td><input type="submit" name="login" value="LOGIN" /></td>
</tr>
</table>
</body>
</html>

Here's my code for the class library

<?php
//database connection
class db_conn
{
public $conn;
function __construct()
{
$this->conn = mysql_connect ("localhost", "root", "");

		if(!$this->conn)
		  {
		     die('Cannot connect to database' . mysql_error() );

		   }
		mysql_select_db("sess_cookie",$this->conn); 
   }

   function __destruct()
    {
	     $this->conn;
	 }

}

class login
{
public $username;
public $password;

function new_login()
{

   $validate = mysql_query("SELECT username, password, name from useraccount where username like '$this->username' and password like '$this->password'");

   while ($get_userpass = mysql_fetch_array($validate))
   {
      $username_internal = $get_userpass['username'];
	  $password_internal = $get_userpass['password'];
	  $user_name = $get_userpass['name'];
   }


   if(($username_internal == $this->username) && ($password_internal == $this->password))
    {   
	       header("Location: home.php");
		   $_SESSION['name'] = $user_name;
		   $_SESSION['session_id'] = session_id();

	}
	else 
	 {
         echo "Invalid Username and Password";  		   
	 }
}

}

And here is the code of my Home page

<?php
session_start();

include ("class.php");
$home_db = new db_conn;
if(isset($_POST['logout']))
{
header ("Location: login.php");

unset($_SESSION['session_id']);
session_unset();
}

echo "welcome" . $_SESSION['name'] . "Have a nice Day!";

?>

<html>
<body>
<form action="home.php" method="post">
<table>
<tr>
<td><input type="submit" name="logout" value="LOGOUT" /></td>
</tr>
</table>
</form>
</body>
</html>

what should I do? Is my syntax wrong? I will wait for your reply thank you

Alf_Bennett

when I press the back button of the browser it will go back to the home page even though I already clicked the logout button

Before you start hammering on your code for this issue....

After clicking the back button, refresh the page.

It is likely that you are looking at the page from your browser cache...