Manual webpage expiration with php

Use PHP to manually make webpages expire. detrox [translation]
Keyword webpage expired, registration webpage writing
Source http://www.phpbuilder.net/columns/clark20030702.php3
 
Manually Expiring Web Pages
Manual webpage expiration

By Joe Clark
Translation: detrox

After going through a series of pages during a registration process, you don't want the user to be able to go back after the final submit. what can you do to manually "expire" those pages, and perhaps display a custom message?

After entering a series of web pages in the registration process, you do not want the user to return to the previous page after the final submission. What should you do to manually make these webpages expire and, if possible, provide a customized message.

In this scenario, I didn't want my session to expire as I needed it to continue. instead, I used an extra session variable to track whether my session was alive or not. there are three main components: (1) the entry script, (2) the Cache-control directive, (3) the conditional check, and (4) manually expiring a portion of the session.

In this phase, I don't want to let my session expire, because I need it to continue running. I use an additional session variable to track whether my session is active. There are three main components: (1) entry script (2) Cache control indicator (3) condition detection and (4) manual expiration of some sessions.

THE ENTRY SCRIPT
Portal script
I use an entry script to start my session. This accomplishes two things: (1) destroys any session already in progress, and (2) starts a new session.

I use an entry script to start my session. It is used to accomplish two things: (1) destroy any session that already exists in the process, and (2) Start a new session.

Entry. php:

<?
Php session_start (); session_unset (); session_destroy (); session_start (); session_register ('alive'); $ _ SESSION ["alive"] = "1 "; header ("Location:/php/createaccount. php ");?>
In the above script, we start the session, get rid of any registered session variables with session_unset (), and destroy that session with session_destroy (). then, we start a new session and register a session variable. this particle variable will track whether this portion of the session is alive or not. we set the variable to some value, then we redirect to our first page in the registration series.

In the above script, we start session, use session_unset () to clear all registered session variables, and use session_destory () to destroy previous sessions. Then, we start a new session and register a session variable. This specific variable will trace whether the session is active. We will set some values for the variables and redirect them to the first page of our series of registration webpages.

CACHE-CONTROL AND CONDITIONAL CHECK
Cache Control and Condition Detection
In the following code snippet, we will auto-detect if the session is still in use.
In the following short code, we will automatically check whether the session is still in use.

Createaccount. php:

<?
Php session_start (); header ("Cache-control: must-revalidate"); if ($ _ SESSION ["alive"]! = "1") {// User is attempting to go back after the session was destroyed // the User tries to return Header ("Location: /php/error100.php ") ;}?>
The "Cache-control" directive above is very important. using "must-revalidate" tells the browser that it has to fetch the page from the server again instead of loading if from its cache. because it reloads the page from the server, it will re-check the $ _ SESSION ["alive"] variable to see if its value is "1 ". if so, the page can load properly. if not, then we'll redirect the user to another page that contains a custom error message. placing this script at the beginning of every page in the registration series will catch every "Back" button press by the user. it's not enough to place it on the last page in the registration series as a user cocould press the "Back" button more than one time. I have this snippet in createaccount. php, createaccount1.php, createaccount2.php and createaccount3.php.

The cache control indicator above is very important. Use "must-revalidate" to tell the browser to read web pages from the server rather than from the browser cache. Because the webpage that is re-read from the server will re-check the $ _ SESSION ["alive"] variable to see if its value is 1. If yes, the webpage will be read normally. If not, we will redirect the user to a webpage with custom error messages. Place this script at the beginning of each page of the registration series page to capture each user's click on the "Back" button. It is not enough to place this script on the last page of a series of registration pages, Because You may click the "Back" button more than once. I have written this section into createaccount. php, createaccount1.php, createaccount2.php, and createaccount3.php.

MANUALLY EXPIRE THE SESSION
Manual SESSION expiration
The last thing to do is manually "expire" the session, or at least a portion of it. in my case, I wanted the session to stay alive, so I cocould not use session_unset () or session_destroy (). however, I didn't want the user to go back to the previous pages and change things. remember that $ _ SESSION ["alive"] variable? After the final submit, all we have to do is get rid of it. There are two ways to do this:

The last thing to do is to manually make the session expire, or at least make part of it expire. In this case, I want to maintain the session activity, so I cannot use session_unset () or session_destroy (). But in any case, I don't want the user to go back to the previous page to change anything. Do you remember the $ _ SESSION ["alive"] variable? What we need to do is to get rid of it after the last commit. There are two methods to achieve the goal

Createaccount4.php (the page after the final submit ):

<? Php session_start (); $ _ SESSION ["alive"] = "0";?> Or <? Php session_start (); session_unregister ('alive');?>
Either way will accomplish the same thing. now, when the "Back" button is pressed, the user won't return the previous page and be able to change data and resubmit. instead, they will be redirected to error100.php (or whatever page you choose) and will get a custom error message.

Any method can do the same thing. Now, when the "Back" button is pressed, you cannot go Back to the previous page to make data changes and submit data repeatedly. Instead, the user will be redirected to error100.php (or any page you choose) and get a custom error message.

So, the next time you want to stop the user from going back to change data previusly entered, and if you want manual control over it, use this method. just remember that the entry script sets the session variable to the "alive" state, and the exit script (right after your final submit during the process) sets the session variable to a "not alive" state. the "Cache-control: must-revalidate" forces the browser to reload the page from the server, and the "alive" check is completed MED. redirection to a custom page occurs when the session variable is not "alive ".

Therefore, the next time you want to prevent the user from returning the previous page to change the previously entered data, use this method if you want to manually control it. Remember to use the portal script to set the session variable to the "alive" state, and set the session variable to the "not alive" State using the exit script (after the final submitted action during processing. "Cache-control: must-revalidate" forces the browser to re-read the webpage from the server, and implements "alive" detection. When the session variable is no longer "alive", redirect to a custom page.