Disable back function on passworded pages

         

wendystewart80

11:26 am on Dec 6, 2005 (gmt 0)

10+ Year Member



Hi there,
I am currently trying to password a php site.
The login/logout functions work well, but after I log out I can still view the pages of the site when I am not logged in. If I click a link I am asked to log in again but it would be better if it was not possible to use the back function to access these pages.
Is there any way of blocking the back function on my web pages when not logged in?
Many thanks.

Log in page:
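[php]
<?php
// Login & Session example by sde
// auth.php

// start session
session_start();

// copy username and password from _POST into _SESSION
if ($_POST) {
    $_SESSION['username'] = $_POST["username"];
    $_SESSION['password'] = $_POST["password"];
}

// default to empty strings so a visitor with no session does not raise notices
$username = isset($_SESSION['username']) ? $_SESSION['username'] : '';
$password = isset($_SESSION['password']) ? $_SESSION['password'] : '';

// query for a user/pass match; escape both values so they cannot alter the SQL
// (assumes a database connection was opened earlier, e.g. in an include)
$result = mysql_query("select * from users
    where username='" . mysql_real_escape_string($username) . "'
    and password='" . mysql_real_escape_string($password) . "'");

// retrieve number of rows resulted
$num = mysql_num_rows($result);

// print login form and exit if failed.
if ($num < 1) {
    echo "You are not authenticated. Please login.<br><br>

<form method=\"POST\" action=\"index.php\">
username: <input type=\"text\" name=\"username\">
password: <input type=\"password\" name=\"password\">
<input type=\"submit\">
</form>";

    exit;
}
?>
[/php]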

[edited by: jatar_k at 7:31 pm (utc) on Dec. 6, 2005]
[edit reason] removed url [/edit]

jatar_k

7:35 pm on Dec 6, 2005 (gmt 0)

WebmasterWorld Administrator 10+ Year Member



>> after I log out I can still view the pages of the site when I am not logged in.

This sounds like you have your authentication messed up or you are just viewing pages in the browser cache. Can you clarify?

Trying to disable the back button is not a very good solution. It can be done with JavaScript but removing basic browser functionality is never a good option. All the people I have ever talked to about this just say it makes them mad (or confused) and causes them to leave the site.

I would suggest not printing the login form like that but instead redirecting them to a static login page.

When you run your auth script it then just redirects them to a login page if they fail instead of outputting anything.
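
The two points raised in the reply above (pages reappearing from the browser cache after logout, and redirecting to a static login page instead of printing the form), sketched as an added example that is not code from either poster. The file name `auth_guard.php`, the `/login.html` path and the `user_id` session key (set by the login handler after it has verified the credentials) are assumptions.

```php
<?php
// auth_guard.php (hypothetical name): include at the top of every protected page.

// Response headers that tell the browser not to keep a copy of the page,
// so the back button after logout triggers a fresh request instead of
// showing the cached copy.
function no_cache_headers(): array
{
    return [
        'Cache-Control: no-store, no-cache, must-revalidate, max-age=0',
        'Pragma: no-cache',
    ];
}

// Call before any output on a protected page.
function require_login(string $loginPage = '/login.html'): void
{
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }
    foreach (no_cache_headers() as $h) {
        header($h);
    }
    // 'user_id' is an assumed key; the login handler sets it on success.
    if (empty($_SESSION['user_id'])) {
        header('Location: ' . $loginPage, true, 302);
        exit; // nothing from the protected page is ever sent
    }
}

// Call from the logout page: clears server-side state and the session cookie.
function logout(string $loginPage = '/login.html'): void
{
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }
    $_SESSION = [];
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000,
            $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();
    header('Location: ' . $loginPage, true, 302);
    exit;
}
```

With this in place the back button still works, but a protected page requested after logout is fetched again from the server, fails the session check and redirects to the login page.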