How to stop someone from going back to previous page?

Question

I am working on a my site to allow users to take test so they can see how much they know of a particular subject. I am running into a little problem though. Once a user submits the test for grading, how do I prevent them from going back to the test page? I am on a Mac with Safari running and when I click the back button in my web browser after I submit the test it leaves all of the answers I answered filled out. I want it do this: When a user submits a test and they click the back button in their web browser it redirects them to the main test page.

I am using PHP and MYSQL. I even have the test pages setup so that the user must come from a certain url (I am using HTTP_REFERER) and I have tried other stuff such as sessions but I cannot seem to figure this out. Any help is greatly appreciated.

Answer 1

You don't stop them.

Instead change your application so that it still works even if they go back. You can embed a unique number in a hidden field on the page and if they resubmit the same test twice you can detect it and display an appropriate error message. You should also think about what should happen if they modify the unique number.

Answer 2

You could run javascript that clears out all the answers. You might also just allow one submission so that subsequent submissions don't get processed. HTTP_REFERER is usually sent, but can be spoofed and forged by an altered browser.

Answer 3

If you don't want people to post different answers once they have already answered, all you have to do is check, in the script that accepts the test for grading, that the user has never submitted the test before. If you don't, a clever student will always be able to to circumvent your protection by sending an appropriate request directly to that script.

If you don't want people to see previous answers (for instance, if you have two people grade their tests on the same computer), consider using AJAX on the test page to submit the answers and then erase them from the fields. This way, most browsers will not remember the answers and the back button will not un-erase data that was erased by JavaScript.

Answer 4

At the top of the grade page, put the following:

session_start();
$_SESSION['testcomplete'] = 'yes';

Then at the top of each page of the test, put this:

session_start()
if ($_SESSION['testcomplete'] == 'yes') {
    header("Location:cheater.php");
}

Answer 5

You could simulate there being no page to go back to. From one page, generate each test page using jQuery, and provide no way to go back, only forward. The back button would take them to the page before they ever launched the test, and you could allow them to launch the test again and generate the right part where they should be. This would be pretty easy, if you haven't gone too far in development the current way.

Answer 6

http://www.htmlgoodies.com/tutorials/buttons/article.php/3478911/Disabling-the-Back-Button.htm you should be able to do it in javascript.

Answer 7

On the top of the script POST-ing the answers, do a check whether you have the test results in the database for the current user for this test. If you do, redirect to results.

if(get_test_results($user)){
   $test_url = get_test_url($user);
   header( "Location: $test_url" ) ;
}

Disabling the back button is not a good idea.