4

I have implemented session into my application, but I need to allow the logged in user to use the back button to go to the previous pages. How do I make sure that the session does not expire and allows the user to view the previous page?

Here is my code

<?php
//Start session
    if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}
$User = $_SESSION["User"];
//Page content
?>

I have started the session, when I use the back button on browser I get a page that reads session has expired. Which I do not want to happen.

SoundStage
  • 802
  • 2
  • 9
  • 27

3 Answers3

1

If you have set up your session management correctly, you don't need to do anything.

However, this correctly depends on what kind of state you have in the session and how you manage it. Also timeouts will still apply (as they should).

llogiq
  • 13,815
  • 8
  • 40
  • 72
  • 1
    I have not set any time out or anything. I am simply storing user name into session variable and using it at any places that it is needed. – SoundStage May 26 '15 at 13:40
1

You can use javascript history method also for that so your session also remain same. 

<button onclick="goBack()">Go Back</button>

<script>
function goBack() {
    window.history.back();
}
</script>
pramod kadam
  • 1,287
  • 11
  • 11
1

in your php at the top of each page, start your session before your opening <html> tag

<?php session_start(); ?>
<html>

in your php somewhere set your session variables note this value must be serializable

<?php $_SESSION["variable"] = "value"; ?>

then anytime you want to access that session variable you can do the following AFTER calling session_start();

<?php echo $_SESSION["variable"]; ?>

if you handle your sessions in this manner, session variables will be available on previous and future pages.

caveat:

depending on browser and headers sent from your server, when you go back a page, it reloads the page as it was in the cache so consider the following:

  1. User goes to page and is does not have a session variable set
  2. User does action that sets a session variable and sends them to a second page
  3. User hits back button
    • User is shown the pre-session cached version of the first page
  4. User refreshes page
  5. User now sees the first page w/ session variable set

the reason for the hiccup is that some browsers do not always make a new request on back button sometimes it loads from the browser cache. read the very end of this answer: https://stackoverflow.com/a/1313941/884453

EDIT

You posted code above with a check to session_status first. This is incorrect. You ALWAYS need so session_start();

<?php
//Start session
session_start();
// User is either pulled from the session or is null
$User = $_SESSION["User"] ? !empty($_SESSION["User"]) : NULL;
//Page content
?>

the code for if (session_status() !== PHP_SESSION_ACTIVE) { is only useful in situations where some other bit of code (usually in a framework) may have started the session already.

Community
  • 1
  • 1
Francis Yaconiello
  • 10,829
  • 2
  • 35
  • 54
  • 1
    This is what I have done. The issue is that when I reload the page to display any calculation or content, the session does not expire. But when using the back button, the session expires. I need to be able to display all the past pages without getting this session expired message. – SoundStage May 27 '15 at 06:34
  • 1
    I updated my answer with some thoughts on the example code you posted – Francis Yaconiello Jun 01 '15 at 13:42
  • 1
    I am using `if (session_status() !== PHP_SESSION_ACTIVE) {` in every page to pull user name that is stored in session, so if I used `session_start();`, I get an error saying that the session has already started. – SoundStage Jun 02 '15 at 08:31
  • 1
    I think the session time out is the issue I am facing, but I have no idea how to set a custom value for it. – SoundStage Jun 02 '15 at 08:35