Manually Expiring Web Pages artificially make web pages
Author: Joe Clark translation: detrox
After going through a series of pages during a registration process, you do not want the user to be able to go back after the final submit. What can you do to manually "expire" those pages, and perhaps display a custom message?
After filling out a series of web pages during a registration process, you don't want users to return to the previous page after the final commit. How should you do to make these pages to expire, and give a customized message if possible.
In this scenario, I did not want my session to expire as I needed it to continue Instead, I used an extra session variable to track whether my session was alive or not There are three main components:.. (1) the entry script , (2) The cache-control directive, (3) The Conditional Check, and (4) Manually Expiring a Portion of the session.
In this close, I don't want my session to expire, because I need it to continue to run. I use an extra session variable to track whether my session is active. There are three main components: (1) Entrance script (2) Cache Control Indicator (3) Condition Detection and (4) Manually make a part of the session expire.
The entry script entrance script
I use an entry script to start my session. This Accomplishes Two Things: (1) Destroys Any Session Already in Progress, and (2) Starts a New Session.
I use an entry script to start my session. It is used to complete two things: (1) destroy any session already existing in the process, and (2) start a new session.
Entry.php:
In the above script, we start the session, get rid of any registered session variables with session_unset (), and destroy that session with session_destroy (). Then, we start a new session and register a session variable. This particular variable will track whether This Portion of the session is alive or not. We set the variable to some value, the we redirect to our first page in the registration series. In the above script, we started session, using session_unset () clearing all registered session Variables, and use session_destory () to destroy the previous session. Then we start a new session and register a session variable. This particular variable will track whether this part of the session is active. We will set some values for variables, then redirect to our first page of our series of registered webpages.
Cache-Control and Conditional Check Cache Control and Condition Detection
In The Following Code Snippet, We WE WILL Auto-Detect IF The session is still in use. In the short code, we will automatically detect whether the session is still being used.
CreateAccount.php:
The "Cache-control" directive above is very important. Using "must-revalidate" tells the browser that it has to fetch the page from the server again instead of loading if from its cache. Because it reloads the page from the server, it Will Re-Check The $ _SESSION ["Alive"] Variable to See if ITS Value IS "1". IF SO, The Page Can Load Properly. If Not, Then We'll Redirect The User To Another Page That Contains a Custom Error message. Placing this script at the beginning of every page in the registration series will catch every "Back" button press by the user. It's not enough to place it on the last page in the registration series as a user could press the "Back" Button More Than Time. I have this snippet in createaccount.php, createaccount1.php, createaccount2.php and createaccount3.php. The cache control indicator is important. Tell the browser using "Must-REVALIDATE" should be read from the server side instead of using the cache from the browser. Because the web page rereads from the server side will retrieve the $ _SESSION ["Alive" variable to see if his value is 1. If it is, the web page will be read normally. If not, we will redirect the user to a web page that custom error message. Put this script to each page of the registration series page, you can capture the clicks of the "Back" button for each user. It is not enough to put this script in a series of registered web pages, because users may click on the "Back" button more than once. I wrote this content into createAccount.php, createaccount1.php, createaccount2.php and createaccount3.php.
Manually Expire The session manually makes session expire
THE Last a portion of it. In My Case, I Wanted The session to stay alive, so i could not use session_unset () or session_destroy (). However, I DIDN (). HOWEVER, I DIDN. 'Twant the user to go back to the previous pages and change "] VARIABLE? AFTER THE FINAL SUBMIT, All We Have to Do Is Get Rid of It. THIS Get Rid of It. THIS :
The last thing to do is that the people have expired session, or at least a part of it. In this case, I want the session to keep the activity, so I can't use session_unset () or session_destroy (). But anyway, I don't want the user to return to the previous page to change anything. Remember $ _SESSION ["alive" variable? What we have to do is to get rid of it after the last submission. There are two ways to achieve the purpose of CreateAccount4.php (The page instator):
or
Either way will accomplish the same thing. Now, when the "Back" button is pressed, the user will not return the the previous page and be able to change data and resubmit. Instead, they will be redirected to error100.php (or WhatVER Page You Choose) AND WILL GET A Custom Error Message.
Any method can do the same thing. Now, when the "Back" button is pressed, the user will not return to the previous page to do data changes and repeated submit. Instead, the user will be redirected to ERROR 100.PHP (or any page you select) and get a customized error message.
So, the next time you want to stop the user from going back to change data previously entered, and if you want manual control over it, use this method. Just remember that the entry script sets the session variable to the "alive" state, and the exit script (right after your final submit during the process) sets the session variable to a "not alive" state The. "Cache-control: must-revalidate" forces the browser to reload the page from the server, and the " Alive "Check is Performed. Redirection to a Custom Page Occurs When the session variable is not" alive ".
