When a user logouts on my website it redirects them to the home page. But if they hit back in their browser it still has them as logged in. (logged in features don't work, as expected)
To counter this I was thinking about setting up the if(isset($_SESSION['signed_in'])) in a seperate file called by ajax, which would do a fresh reload even if the user hit back. But, would this cause any kind of security issue? Basically use Javascript to check if user is signed in and to signout a user.
Is there a better way to do this?
Log in/out is pure PHP atm, no javascript involved.