Disable browser back button

hi,every body

How to disable browser back button using php(what google does). I can able to do using the javascript, but this is applied for all pages(all static pages). But i want only the authenticated pages.

If user logged in to gmail account and then he clicks the browser back button, the page refreshes again.


You can’t disable the back button. What happens when it looks like that just refreshes the current page is that there is that the prior page automatically redirects to the current one and so what you thought was the immediate previous page is actually back two. So when the page refreshes like that you simply select the dropdown next to the back button and select to go back two pages instead of one.

hi, thank u for u r reply

can u tell me, how to sign out when user clicks the back button in PHP

You can’t disable the back button in browsers but you can do tricks to prevent people from using the back button to go the previous page and you do it by simply not creating any history in the browser. You can do it like this:

  1. instead of standard links use javascript location.reload() - when a user tries to go back they will not go back to the previous page but to a page before location.reload() functions were called. location.reload() will prevent browsers from storing visited pages in history - at least in the conforming browsers because you can always hack a browser or make an extension to disable that.

  2. a more complicated solution used by some online banks: when you log in then every page has the same URL, it never changes. This effectively prevents browsers from storing any history because seemingly there is none. Instead of standard links you need to use javascript which sets a cookie and reloads the page - then in PHP you can read the cookie and based on that you can decide which page to display. You can also make the cookies for use only once and this way you can also prevent using the reload button (e.g. logging out when a user does that). I think this solution is too much hassle in most cases unless you really need extra security.

You can use the trick 2 above to accomplish that but you need to make sure there is an intermediate page somewhere to which the back button will always direct. But there is no way you can do that if someone goes back a few pages back in history like felgall said. The best you can do is apply a timeout so that users are signed out after a few minutes of inactivity.

@Lemon Juice:Thank for u r reply.

I done by using javascript onunload() method. If somebody clicks on the back button, i call the onunload() javascript function.

I place the following code in the <body> tag window.location.href=“page itself”; . It refreshes the page again(This is my expected behaviour, like google does in the gmail)

It is working fine in Firefox and IE. But window.location.href not working in safari and chrome.