So I have the need to prevent user caching on particular pages. I've read the manual pages on header [php.net] and session_cache_limiter [php.net].

Am I right to think that these snippets are ALL that I need to reliably prevent users from caching the pages?

When using sessions:

session_cache_limiter('nocache');
session_start();

When not using sessions:

header("Cache-Control: no-cache, must-revalidate");
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");

I don't understand the comments on those manual pages about sending a dozen different headers. Are they all necessary? Or are they legacy hacks?