In my web site I destroy session but after logout if users press back on browser they can see last page.
How can I solve this ? I tried javascript but didn't work. I tried unset or destroy session but that doesn't work too. What I can do ?
I use these codes at header.
Header('Cache-Control: no-cache');
Header('Pragma: no-cache');
How can I solve this. Thanks for your help.
You can't. The page was sent to the client, it's up to the client to decide what to do with it.
What's the difference between this behaviour and a user with a photographic memory?
The real question is: why would you want to do this?
If there is a cache in the browser, you cannot control it exactly. The best you could do is time-stamp the page on creation (use a hidden field, perhaps), and have some javascript onLoad that redirects or formats the page if it finds that the time since the time-stamp is beyond some limit.
But this is not going to prevent someone looking at someone else's history; only clearing one's history will do that.
You have to check the session with javascript (probably AJAX) on the dom:loaded event. If the session is destroyed, you can redirect the user. Also, if you choose this way, you have to grab your content with AJAX too - ofcourse after the session validation.