After logout browser’s back button into twenty sixteen theme profile

Question

I have tried numerous ways to prevent the browser’s back button from allowing someone from using it to go back into a visitors logged out profile. The codes I used were supposed to prevent the browser from caching data from the last page visited after logout. They don’t work. WordPress logs the visitor out once they click the logged out button, yes this portion wors. Unfortunately, you can see the last page visited by the person who was logged on. The session is destroyed but the cache still holds the info for the last page visited. If you click any link on the profile page you will be brought back to the login page. You were not supposed to have been able to leave this login page without logging in. What code can use to force the browser to delete the data in the cache so the someone can not view info from a loggedout profile. Javascript would pose a security risk. Yes, I know that you can not delete the browser’s history, but there must be a secure code for this. WordPress comes with file that destroys the session but I can’t find that file in the twenty sixteen code. Also, these codes do not work:

  if(!isset($_SESSION['logged_in'])) : 
  header("Location: login.php");  

  unset($_SESSION['logged_in']);  
  session_destroy();   

Can you Pleeease help!!!

0
, , , , user117689 5 months 0 Answers 89 views 0

Leave an answer