I have a study logout.php file which works fantastically, the issue I am faced with however is putting the script into a new ‘intranet style’ administrative site which uses 4 frames within a frameset (header, left, center, right).
There are two requirements I need to meet which I am having a very difficult time finding a solution to (yes I know frames suck for today’s consumer sites but to reiterate, this is for an internal system administration panel with widgets everywhere).
-
When a user clicks the ‘logout’ button in the top frame, the ENTIRE page is directed to logout.php which then redirects to a single page “home.php”. As of now, hitting logout only takes that particular frame to my desired destination.
-
When a user logs in, a SESSION variables is created and set to true; if pages are visited without SESSION[validated]= true, the user is logged out. Similarly to above, IF this happens, I need the ENTIRE frameset directed to logout.php.
I am trying to achieve this without javascript (as this can obviously simply be disabled and JS is not a true measure for security).
Anybody ever dealt with this issue in the past?
Is the logout button a link? If so, can’t you use
target="_parent"to make it change the page with the frameset?Edit
Re #2: If the session is timed out, you could make an intermediary page with a link that uses
target=_parentand the JavaScript below, both of which would break out of the frame.This is good because if they have JavaScript enabled, they won’t even notice and if they don’t, they still will break out of the frames.