ignore back button or refresh button  on the browser

Posted on 2006-04-03
Medium Priority
Last Modified: 2008-02-01

I have

index.php, a.php, b.php, c.php, d.php, e.php

I am in d.php now. if i click back button or refresh button on browser, it has to go back to a.php
And also, if I click back button or refresh buttonon browser, it has to go back to a.php.

How can i do that??

Question by:bbvic

Expert Comment

ID: 16360912
The "and also" part to your question and the first part to your question are the same thing. Did you mean to add somethings else there?

Also, do you only need to get back to a.php when coming (back or reload) from d.php or from all of them?

Author Comment

ID: 16360972
from all of them..

Accepted Solution

WilliamFrantz earned 1000 total points
ID: 16363673
'index.php, a.php, b.php, c.php, d.php, e.php'

So the first time you display a page, you want it to display normally, but the second time you display a page, you want it redirected to a.php.

If someone requests b.php, they see b.php, but if they reload the page, they see a.php.

If someone requests b.php, they see b.php, if they click on a link to c.php, they see c.php, if they then click 'back', they see a.php (not b.php).

Effectively, a visitor can only see b.php once.  As soon as they leave the page they can't get back to it; ever.  If they reload the page, they are sent someplace else.

First of all, there is no solution that you can implement that can't be foiled by malicious users.  Ultimately, you will need some way to identify returning users and users can always spoof their identification.

Some browsers will allow you to tamper with the history by using Javascript.  You may be able to embed some Javascript to take care of the user trying to go 'back'.

Another approach might be to use $_SERVER['HTTP_REFERER'].  However, it can be spoofed and I don't know what browsers do with the referer header when you reload a page.

What ever you do, you probably want to make sure that none of your pages are cached by doing the following:

header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past

You could then set a cookie on the visitors machine after they visit each page (other than a.php):

if (isset($_COOKIE['beenHere']))
/* set the cookie for 30 days (60s*60m*24h*30d) */
setcookie('beenHere', 'true', time()+60*60*24*30);

Alternately, you could structure it more like this:

if (!isset($_COOKIE['beenToB'] && isset($_REQUEST['B'])
    setcookie('beenToB', 'true', time()+60*60*24*30);

Then use links like:

Instead of:

You chould use IP addresses and some kind of time-out instead of cookies.  The time-out would be necessary to account for DHCP.  Note, this technique wouldn't be as fool-proof but it would be harder for malicious users to spoof.

Expert Comment

ID: 16363747
The best solution will probably be to always send users to a.php every time and then 'require' the other pages as needed.  This gives you the most control and the only URL that ever gets stored in their history is a.php.  The user doesn't ever need to see the direct URL to the other pages (b.php, c.php, etc.).

Assisted Solution

blue_hunter earned 1000 total points
ID: 16367211
try to work out with the code below

<script language="javascript">
function onUnloadJS(){
return true;

<body onunload="onUnloadJS()">


Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The title says it all. Writing any type of PHP Application or API code that provides high throughput, while under a heavy load, seems to be an arcane art form (Black Magic). This article aims to provide some general guidelines for producing this typ…
This holiday season, we’re giving away the gift of knowledge—tech knowledge, that is. Keep reading to see what hacks, tips, and trends we have wrapped and waiting for you under the tree.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Suggested Courses
Course of the Month16 days, 19 hours left to enroll

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question