How Facebook and Google handles the back button after logout?

817 Views Asked by Aniket Pandey At 24 April 2025 at 04:25

I am working on a php project in codeigniter. When a user logs out, he/she is directed to login page. But when he/she clicks the back button of browser, he/she gets to see the home page just before the log out, which definitely not a good thing. I have added session check on every page so that when a user reloads any page after logout he/she will be directed to login page. As far as i think, this happens due to web browser using cache for the back button.So one solution as given in many stack overflow forums and others is to clear the cache, which i too did. But another problem came that the document expires after back button, which is not good from the UX point of view. Another solution is to add javascript code to restrict the page to itself when pressing back button, which surely works. But since the javascript is client side, this won't work if you disable it from browser. If you check the Gmail or facebook or any good site ,they handle it really well and no ,it's not by just javascript code , as suggested in this forum How Google deals with the Back Button after logout? , So my question is how do they handle it in real?

Original Q&A

There are 2 best solutions below

dpaksoni On 05 January 2017 at 05:14

On home page, you'll need to check if SESSION is active. When user is logging out, you'll need to destroy SESSION.

For example: -On Home Page

session_start();
if(!isset($_SESSION['variableName']))
{ 
  header("location:login.php");
}

On logout page:

session_start();
session_destroy();

Hope this helps.

Sankar Smith On 05 January 2017 at 05:21

One time I got that problem and finally I got many tiny solutions for that.

Put noscript tag in common header file. I return a text when the JS turn off.

<noscript>Your browser does not support JavaScript!</noscript>

Another Method to check the user logged or not at every intervel

setInterval(function(){
  $("#autorefresh").load("checklogin.php?screenName=autorefresh");
}, 5000);

And finally put this back prevent js history.pushState(null, null, 'loginController.php?time=

$currentDateTime; ?>');
    window.addEventListener('popstate', function(event) {
            history.pushState(null, null, 'loginController.php?time=<?php echo $currentDateTime; ?>');
    });

This is my experience knowledge... Thank You

How Facebook and Google handles the back button after logout?

There are 2 best solutions below

Related Questions in JAVASCRIPT

Related Questions in PHP

Related Questions in FACEBOOK

Related Questions in BACK

Related Questions in USER-EXPERIENCE

Trending Questions

Popular # Hahtags

Popular Questions