• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 352
  • Last Modified:

Back button: "The page cannot be displayed"

Hi, I have a whole site set up in PHP, and only one problem (at the moment).  The user goes to the login page, logs in, form info is submitted to test.php, the redirected to home.php.  From there the user clicks on any link, goes to page1.php.  Then hits back, and gets a "The page cannot be displayed" error.  If the reload button is hit, home.php comes up fine, without even loosing any session variables.  What is even wierder is that this only has to be done once.  After that they can press back and it goes to home.php witout having to reload.

I have a line `header("Cache-control: public");` at the top, and this hasn't fixed it.  This is not really in my area of php, so I am hoping someone knows how to deal with this.  This same question was asked before and I found it in my search, but I couldn't glean a real answer to it.  Thanks in advance.
0
zixp
Asked:
zixp
  • 8
  • 5
1 Solution
 
Diablo84Commented:
try

header("Cache-control: private");

after

session_start();
0
 
Diablo84Commented:
It sounds like the IE6 bug that comes up when using sessions, discussed here: http://www.phpfreaks.com/tutorials/41/1.php
0
 
zixpAuthor Commented:
sorry, I meant to say that I had tried private as well
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
Diablo84Commented:
hmm, that one usually resolves this problem, you have definitely added the header before any output? (echo/print, html, new lines outside of <?php tags).

Just checking before looking towards a work around.
0
 
Diablo84Commented:
Failing that heres a couple of ideas off the top of my head:

1) Prevent caching of the form page altogether (take note as i recall this does not usually fix this problem but as the traditional fix here has failed its something to try):

header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");

http://www.php.net/manual/en/function.header.php

Same principles as usual with headers, before any output they must go.

2) Not sure how well this one will work here, this is typically the method i use to prevent a page resending form data upon refresh.

Point the form the the current page, ie actioon="<?php echo $_SERVER['PHP_SELF']; ?>" then assign the post data to session variables temporarily, for example, at the start of the file

session_start();

if (isset($_POST['submit'])) {
 $_SESSION['username'] = $_POST['username'];
 $_SESSION['password'] = $_POST['password'];
 header("location: your_processing_page.php");
 exit;
}

On the processing page (make sure you have session_start(); at the top of it) you can then validate the data as you would normally only referencing the session variables rather then the post variables, after validation you can then reset the values and do what ever needs to be done. This should in theory avoid the page cannot be displayed error however its an untested unusual method for this purpose.

The last thing i would suggest you do, prehaps before any of the above, is turn on error reporting for the script temporarily just to make sure that the headers you tried initially (in particular the private cache one) were being sent correctly. You can do this by adding:

error_reporting(E_ALL ^ E_NOTICE);

To the top of your file.

I will doubtfully be checking back before tomorrow so if the problem persists post back and i will either return to the issue in the morning or someone else will be able to provide you with help. Best of luck in the mean time.

|)iablo

0
 
zixpAuthor Commented:
After having tried your suggestions I must sadly report that none seems to have changed anything.  I did however realize that I cut out the intermediary php page, so here is what it looks like (pseudo code):

login.php:
          post:username
          post:password
             submit:home.php
home.php
          if !isset($_session vars)  && isset($_post vars),
               post vars => session vars
          else check_login_and_pass()
page1.php
          check_login_and_pass()
          <a href="home.php">
home.php
====It is at this point that the page cannot be displayed until it is refreshed=====
--[REFRESH]--
home.php
         <a href="page1.php">
page1.php
         <a href="home.php">
home.php
         No problems loading anymore.


Strange, and like I said, I have tried all sorts of cache-limiting headers on home.php, including the ones that you had there.

I will increase the points
0
 
Diablo84Commented:
Does it also happen when clicking the link back to home.php for the first time or is it just when hitting back in your browser?

Can you also post your code from home.php, atleast the relevant part that handles the post and sessions, i would like to have a look and see whats going wrong here if possible.
0
 
zixpAuthor Commented:
1) No, as a matter of fact it does not have this problem when clicking on the home link. I forgot to mention that.

2)
::LOGIN.HTML::
<html><head></head><body>
<form name="login" method="post" action="home.php">
</body</html>

::HOME.PHP::
<?php

//error_reporting(E_ALL ^ E_NOTICE);
//ini_set("error_reporting"," E_ALL & ~E_NOTICE");

session_start();
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");

if ( !isset($HTTP_SESSION_VARS['username']) && (isset($_POST))){
      
      //get vars from $_POST
      if ((!$HTTP_POST_VARS['username']) || (!$HTTP_POST_VARS['pass'])){ echo "you must <a href=\"http://***.***.com\">log in</a>"; exit;}
      
      $username = $HTTP_POST_VARS['username'];
      $pass = $HTTP_POST_VARS['pass'];

      //convert to $_SESSION
      $HTTP_SESSION_VARS['username'] = $username;
      $HTTP_SESSION_VARS['canary'] = 'set in home';
      $HTTP_SESSION_VARS['encryptpass'] = crypt($pass, $username);

      //clean up variables for security
      unset($HTTP_POST_VARS['username']);
      unset($HTTP_POST_VARS['pass']);
      unset($pass);
}

require ("credentials.php");
?>
<html>
<head>
...
::CREDENTIALS.PHP::
@session_start();
@$login = addslashes($HTTP_SESSION_VARS['username']);
@$password = addslashes($HTTP_SESSION_VARS['encryptpass']);
if ( $HTTP_SESSION_VARS['username'] == "" || $HTTP_SESSION_VARS['encryptpass'] == ""){echo "Im sorry, but you must be logged in to see this page. Please <a href=\"http://***.***.com\">login</a>"; exit;}
if (!$login || !$password){echo "You are not authoirzied to view this page";}
          ...the script then proceedes to look up the user from the database

and BTW, dont worry about $HTTP_SESSION instead of $_SESSION, or the like for post, I have heard it before, but thats how I learned it, and there is no real reason to go and change it.


0
 
Diablo84Commented:
Ok, as there isn't as such an error with your code i am going to have to target potential suspects within your script as it were to try and find the cause.


>> if ( !isset($HTTP_SESSION_VARS['username']) && (isset($_POST))){

The post array is always set* so you should focus on checking a specific post array item,
eg: if (!isset($HTTP_SESSION_VARS['username']) && isset($_POST['username'])){

* You will notice that

if (isset($_POST)) echo "POST array is set";

will always return true


>> @session_start();

If CREDENTIALS.PHP is -only- being included in HOME.PHP (as opposed to being accessed directly) then you do not need to declare session start again as it will only result in a notice and will be ignored by the interpreter. I presume the reason you are supressing errors for this line may mean that it is also accessed directly.


There is not a lot else wrong with your code so if you could try the above and see how that works out. Also if you have the Firefox or Mozilla browser available could you try the script there, i suspect it may just be an IE bug again.


>> and BTW, dont worry about $HTTP_SESSION instead of $_SESSION, or the like for post...

Thats definitely a personal preference matter at this point in time so no problem. It is however likely that at some point they will chose to deprecate the old methods so as long as you are aware of the "current method" its ok.
0
 
zixpAuthor Commented:
still no dice. Furthermore,  I have the same list of no-cache headers in login.html, but it keeps resubmitting bad post info if your login is incorrect.  Is there some header that says something like header("I_am_so_serriously, dont_cache_this")?
0
 
Diablo84Commented:
:) In a perfect world

>>  it keeps resubmitting bad post info if your login is incorrect

This sounds dubious, its either the post data being resent or prehaps data being recalled from a cookie, not sure without seeing code.

And speaking of which i think we could end up going around in circles with this one, it would be easier if i could see the error for myself and figure out the problem that way, so, could you possibly post the code from each of the scripts involved here (minus anything which has nothing to do with the problem - queries etc). If i can reconstruct the problem i may be able to get to the bottom of it.
0
 
zixpAuthor Commented:
You have more than earned any points for this question, even though I havent fixed it yet.  So I will accept your answer, and if you are so inclined you can contact me at 34263406@ithrowmylifeaway.com (a disposable email) and I will send you the code.  I take no offense if you dont though.

Thank you for your effort to help me.
0
 
Diablo84Commented:
no problem zixp

if you could zip the files and send them to the address i my profile i will be happy to have a look through them for you when i have the chance.

0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 8
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now