Back button issue
-
Hello All, Thank you for reading this post. Here is my issue. I have an ASP.NET 2.0 web application, that requires users to login and then they are shown the welcome page on successful login(Iam not using forms authentication, user's login credentials are validated against database and redirected to welcome page). The Welcome page has a logout button, on clicking which I clear all session variables, destroy all login based cookies and redirect to the login screen again. My problem is this. After I logout and reach the Login page if I hit the back button I go back to my welcome screen with all user information even though I have explicitly cleared session and cache. Please let me know how I can enforce the login page when back button is pressed. This is what i have on my logout page. Protected Sub lkbLogout_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles lkbLogout.Click Session(CustomerInformation) = Nothing Session.Clear() 'Remove all cookies If Not Request.Cookies(ConfigurationManager.AppSettings("Cookie")) Is Nothing Then Response.Cookies(ConfigurationManager.AppSettings("Cookie")).Expires = DateTime.Now.AddYears(-30) End If If Not Request.Cookies(ConfigurationManager.AppSettings("Cookie2")) Is Nothing Then Response.Cookies(ConfigurationManager.AppSettings("Cookie2")).Expires = DateTime.Now.AddYears(-30) End If If Session(CustomerInformation) Is Nothing Then Response.Cache.SetCacheability(HttpCacheability.NoCache) Response.Cache.SetExpires(DateTime.Now - New TimeSpan(1, 0, 0)) Response.Cache.SetLastModified(DateTime.Now) Response.Cache.SetAllowResponseInBrowserHistory(False) Response.Redirect("login.aspx", True) End If '------------------ response.redirect("login.aspx",true)
-
Hello All, Thank you for reading this post. Here is my issue. I have an ASP.NET 2.0 web application, that requires users to login and then they are shown the welcome page on successful login(Iam not using forms authentication, user's login credentials are validated against database and redirected to welcome page). The Welcome page has a logout button, on clicking which I clear all session variables, destroy all login based cookies and redirect to the login screen again. My problem is this. After I logout and reach the Login page if I hit the back button I go back to my welcome screen with all user information even though I have explicitly cleared session and cache. Please let me know how I can enforce the login page when back button is pressed. This is what i have on my logout page. Protected Sub lkbLogout_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles lkbLogout.Click Session(CustomerInformation) = Nothing Session.Clear() 'Remove all cookies If Not Request.Cookies(ConfigurationManager.AppSettings("Cookie")) Is Nothing Then Response.Cookies(ConfigurationManager.AppSettings("Cookie")).Expires = DateTime.Now.AddYears(-30) End If If Not Request.Cookies(ConfigurationManager.AppSettings("Cookie2")) Is Nothing Then Response.Cookies(ConfigurationManager.AppSettings("Cookie2")).Expires = DateTime.Now.AddYears(-30) End If If Session(CustomerInformation) Is Nothing Then Response.Cache.SetCacheability(HttpCacheability.NoCache) Response.Cache.SetExpires(DateTime.Now - New TimeSpan(1, 0, 0)) Response.Cache.SetLastModified(DateTime.Now) Response.Cache.SetAllowResponseInBrowserHistory(False) Response.Redirect("login.aspx", True) End If '------------------ response.redirect("login.aspx",true)
Responce.Cookies is array method not function. You have to use [] not (). This stand also for Session example:
Response.Cookies[ConfigurationManager.AppSettings("Cookie")].Expires = DateTime.Now.AddYears(-30)
-
Responce.Cookies is array method not function. You have to use [] not (). This stand also for Session example:
Response.Cookies[ConfigurationManager.AppSettings("Cookie")].Expires = DateTime.Now.AddYears(-30)
Will the above solution solve my issue ? Iam using VB.NET for my coding not C#
-
Will the above solution solve my issue ? Iam using VB.NET for my coding not C#
Sorry didn't read your post very well. You coud write javascript that prevents back buttion. But when you press back button, the browser displays a page in previous. It doesn't call a server to check if that is true. It is imposible. But you could check every time a postback occourd for every page