Use PHP to manually expire web pages_PHP tutorial

Use PHP to manually expire web pages detrox [Translation]
Keywords web page expiration, registration web page writing
Source http://www.phpbuilder.net/columns/clark20030702.php3

Manually Expiring Web Pages
Manually Expiring Web Pages

Author: Joe Clark
Translation: detrox

After going through a series of pages during a registration process, you don't want the user to be able to go back after the final submit. What can you do to manually "expire" those pages, and perhaps display a custom message?

After completing a series of pages in a registration process, you don’t want users to be able to return to previous pages after the final submission. What should you do to manually expire these pages and if possible give a customized message.

In this scenario, I didn't want my session to expire as I needed it to continue. Instead, I used an extra session variable to track whether my session was alive or not. There are three main components: (1) the entry script, (2) the Cache-control directive, (3) the conditional check, and (4) manually expiring a portion of the session.

In this level, I don’t want my session to expire because I need it to continue functioning. I use an additional session variable to track whether my session is active. There are three main components: (1) entry script (2) cache control indicator (3) condition detection and (4) manual expiration of part of the session.

THE ENTRY SCRIPT
Entry script
I use an entry script to start my session. This accomplishes two things: (1) destroys any session already in progress, and (2) starts a new session.

I use an entry script to start my session. It does two things: (1) destroy any sessions that already exist in the process, and (2) start a new session.

entry.php:

php session_start(); session_unset(); session_destroy(); session_start(); session_register('alive'); $_SESSION["alive"] = "1"; Header("Location: /php/createaccount.php");?>
In the above script, we start the session, get rid of any registered session variables with session_unset(), and destroy that session with session_destroy(). Then, we start a new session and register a session variable. This particular variable will track whether this portion of the session is alive or not. We set the variable to some value, then we redirect to our first page in the registration series.

In the above script, we start the session, use session_unset() to clear all registered session variables, and use session_destory() to destroy the previous session. Then, we start a new session and register a session variable. This specific variable will keep track of whether this part of the session is active. We'll set some values ​​for the variables and then redirect to the first page of our series of registration pages.

CACHE-CONTROL AND CONDITIONAL CHECK
Cache control and condition detection
In the following code snippet, we will auto-detect if the session is still in use.
In the following short code snippet, we will auto-detect if the session is still in use. , we will automatically detect whether the session is still in use.

createaccount.php:

php session_start(); header("Cache-control: must-revalidate"); if ($_SESSION["alive"] != "1") { // User is attempting to go back after the session was destroyed //The user tried to return before the session was destroyed Header("Location:/php/error100.php"); }?>
The "Cache-control" directive above is very important. Using "must-revalidate" tells the browser that it has to fetch the page from the server again instead of loading if from its cache. Because it reloads the page from the server, it will re-check the $_SESSION["alive"] variable to see if its value is "1". If so, the page can load properly. If not, then we'll redirect the user to another page that contains a custom error message. Placing this script at the beginning of every page in the registration series will catch every "Back" button press by the user. It's not enough to place it on the last page in the registration series as a user could press the "Back" button more than one time. I have this snippet in createaccount. php, createaccount1.php, createaccount2.php and createaccount3.php.

The cache control indicator above is very important. Use "must-revalidate" to tell the browser that it should read the page from the server instead of reading it from the browser's cache. Because the web page re-read from the server will re-check the $_SESSION["alive"] variable to see if its value is 1. If yes then the web page will be read normally, if not then we will redirect the user to a web page with a customized error message. Place this script at the beginning of each page of the registration series page to capture every user click on the "Back" button. Simply placing this script on the last page of a series of registration pages is not enough because users may click the "Back" button more than once. I wrote this content into createaccount.php, createaccount1.php, createaccount2.php and createaccount3.php.

MANUALLY EXPIRE THE SESSION
Manually expire the SESSION
The last thing to do is manually "expire" the session, or at least a portion of it. In my case, I wanted the session to stay alive , so I could not use session_unset() or session_destroy(). However, I didn't want the user to go back to the previous pages and change things. Remember that $_SESSION["alive"] variable? After the final submit, all we have to do is get rid of it. There are two ways to do this:

The last thing to do is to manually expire the session, or at least partially expire it. In this case, I want the session to stay active, so I can't use session_unset() or session_destroy(). But anyway, I don't want the user to go back to the previous page to change something. Remember the $_SESSION["alive"] variable? All we have to do is get rid of it after the last commit. There are two ways to achieve the goal

createaccount4.php (the page after the final submit):

or
Either way will accomplish the same thing. Now, when the "Back" button is pressed, the user won't return the the previous page and be able to change data and resubmit. Instead, they will be redirected to error100.php (or whatever page you choose) and will get a custom error message.

Either method can accomplish the same thing. Now, when the "Back" button is pressed, the user will not be able to go back to the previous page to make data changes and resubmit. Instead the user will be redirected to error100.php (or any page you choose) and get a customized error message.

So, the next time you want to stop the user from going back to change data previously entered, and if you want manual control over it, use this method. Just remember that the entry script sets the session variable to the "alive " state, and the exit script (right after your final submit during the process) sets the session variable to a "not alive" state. The "Cache-control: must-revalidate" forces the browser to reload the page from the server, and the "alive" check is performed. Redirection to a custom page occurs when the session variable is not "alive".

So, next time you want to prevent the user from returning to the previous page to change previously entered data, if you want to manually control it, use this method. Remember to use the entry script to set the session variable to the "alive" state, and use the exit script (after the final commit action in the process) to set the session variable to the "not alive" state. "Cache-control: must-revalidate" forces the browser to reread the web page from the server and implement "alive" detection. When the session variable is no longer "alive", redirect to a custom page.

http://www.bkjia.com/PHPjc/735099.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/735099.htmlTechArticleUsing PHP to manually expire web pages detrox [Translation] Keyword web page expiration, registration web page writing source http://www .phpbuilder.net/columns/clark20030702.php3 Manually Expiring Web Pages Manually...