Hi,
I am having a problem while craeting session.Plz help me if u can.
I have an admin page......which has a password...This admin page is the gateway to enter the main menu ,where one can add,delete,update different section of data.As for example...Region,Dealer etc.
I want to create a session for individual user who will log in.

What I am doing is ...In global.asa file

Sub Session_OnStart()

session("sessionid")=Session.SessionID

end sub

And I am checking this session_id variable in start of each page as...

<%
response.Write(session("sessionid"))
if not session.SessionID=session("sessionid") then
server.Transfer("logoutscreen.asp")
end if
%>

In in logout.asp I wrote..
<%

session("sessionid")=""
session.Abandon()

server.Transfer("logoutscreen.asp")


%>

But when I press the back button of IE its taking me back to the previous pages ,where a new session id is created.
I want to stop this.
I want when a user will click logout ,he will not able to view any pages by back button.
Please help me to solve this problem.
Thanks in advance.
Joydeep

three things,

one is content expiry/disabling caching.....

two, add a javascript event to the page load of your pages that forces them forward through their history so if they try and go back it doesn't help.

the other is don't use the session id as the item to identify if they have logged in. a session is created when any user attempts of connect to the website. it is not a indication that they have logged in. You need to create your own session variables eg. UserAuthenicated and give those values.

In your session on start you set UserAuthenicated to false. When they successfully log in you set it to true. When the session is abandoned it gets wiped. If they go back through the pages a new session will be created but UserAuthenicated will have been reset to false.

hi Rokslide,
Thanks a lot for the help.It worked fine.
Joydeep