I am having a problem while craeting session.Plz help me if u can.
I have an admin page......which has a password...This admin page is the gateway to enter the main menu ,where one can add,delete,update different section of data.As for example...Region,Dealer etc.
I want to create a session for individual user who will log in.
What I am doing is ...In global.asa file
And I am checking this session_id variable in start of each page as...
if not session.SessionID=session("sessionid") then
In in logout.asp I wrote..
But when I press the back button of IE its taking me back to the previous pages ,where a new session id is created.
I want to stop this.
I want when a user will click logout ,he will not able to view any pages by back button.
Please help me to solve this problem.
Thanks in advance.
the other is don't use the session id as the item to identify if they have logged in. a session is created when any user attempts of connect to the website. it is not a indication that they have logged in. You need to create your own session variables eg. UserAuthenicated and give those values.
In your session on start you set UserAuthenicated to false. When they successfully log in you set it to true. When the session is abandoned it gets wiped. If they go back through the pages a new session will be created but UserAuthenicated will have been reset to false.