Results 1 to 6 of 6

Thread: Log out

  1. #1
    Join Date
    Jan 2005
    Posts
    362

    Unanswered: Log out

    I create a log out file.
    I wrote

    Code:
    <%
    Session.Abandon
    response.redirect("index.asp")
    
     %>
    but when i push the back button of firefox, I return to the file when I were logged in.
    Can I decline it and redirect at log in page?

  2. #2
    Join Date
    Nov 2003
    Location
    Christchurch, New Zealand
    Posts
    1,618
    Sounds like you are caching your pages,.. you need to force the expiry of the content.... something like
    Code:
    <% 
    Response.CacheControl = "no-cache" 
    Response.AddHeader "Pragma", "no-cache"  
    Response.Expires = -1
    %>
    Should solve the problem

  3. #3
    Join Date
    Jun 2003
    Location
    USA
    Posts
    1,032
    Well yes in my opinion a back button would show up what you have but of course one wouldn't be able to do any further processing if each page checked for some kind of logged in session variable.

    On a few pages that I really didn't want to allow a back button to be used such as on a confirmation page after a bunch of input pages I've used something like this:

    A1ien51's disable the Back Button
    http://www10.brinkster.com/A1ien51/S...BackButton.htm
    What is going to happen, is when the page loads, it will send the surfer to the last page in their history.
    Now if a person tries to go back to it, then it will send them directly back to the page they pushed the back button on!
    Add this code to the header of your page:
    <script>
    history.forward();
    </script>

    JPS: Thus need to put the code on the page you don't want the user to be able to go back to.
    And here is my version of it:
    <script type="text/javascript"> <!--
    // Disable browser's Back button on another pg being able to go back to this pg.
    history.forward();
    //-->
    </script>
    J. Paul Schmidt, Freelance Web and Database Developer
    www.Bullschmidt.com
    Access Database Sample, Web Database Sample, ASP Design Tips

  4. #4
    Join Date
    Nov 2003
    Location
    Christchurch, New Zealand
    Posts
    1,618
    fully expiring the content should work as well. The problem with the JS version is that if you disable JS you can still go back and see what was there....

    I'm not saying that there aren't hacks for the expired content, but I find it tends to work a lot better then the JS version.

  5. #5
    Join Date
    Jan 2005
    Posts
    362

    Brownsers

    I try all of above and I find that none of them works with ALL the brownsers.
    For eample I saw that te meta with "expires" works at IE but not with others brownsers, the javascript code not works with Opera.
    Dimis

  6. #6
    Join Date
    Jan 2005
    Posts
    362
    There is another way:
    <a href="here.asp" onclick="javascript:location.replace(this.href);ev ent.returnValue=false;">
    here</a>
    dimis
    Last edited by dimis2500; 01-04-06 at 08:00.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •