Destroying a Session

Discussion in 'ASP General' started by le0, Jul 28, 2006.

  1. le0

    le0 Guest

    Hello Guys,

    I have this problem on my page. Im doing my "Logoff" portion, everytime I
    click "Logoff" then click the Back button in my browser the previous page
    still appears.

    Heres my code
    <%
    If Request.QueryString("login")= "logout" Then
    Application.Contents.RemoveAll()
    Session.Contents.RemoveAll()
    Session.Abandon
    Response.Redirect("../../global/common/login/login.asp?login=logoff")
    Else

    End If
    %>

    but I think this is not working or there is something wrong with my code
    Hope you can help me with this..

    Thaks,
    Leo
     
    le0, Jul 28, 2006
    #1
    1. Advertising

  2. le0

    Janette Guest

    Hi Leo,

    The reason the previous page probably displays, is when you click back it
    uses the previous URL which would have had login=login in the URL, it is
    only the page after logoff that has login=logoff. You would be far better
    checking for the existance of the session, or the existance of a particular
    session variable having a value instead of setting and checking the
    querystring. Else, people may just add login=login to their URL, to bypass
    logging in. So for example, when you logon, you might create a session
    variable called user and populate it with the username of the person who
    just successfully logged on. Then in each page inside the app check for a
    value in the user session variable, as it will only have a value if a user
    is logged on.

    <%
    If Session("user") = "" then
    Application.Contents.RemoveAll()
    Session.Contents.RemoveAll()
    Session.Abandon

    Else

    End If
    %>

    Hope this helps.
    Janette

    "le0" <> wrote in message
    news:%...
    > Hello Guys,
    >
    > I have this problem on my page. Im doing my "Logoff" portion, everytime I
    > click "Logoff" then click the Back button in my browser the previous page
    > still appears.
    >
    > Heres my code
    > <%
    > If Request.QueryString("login")= "logout" Then
    > Application.Contents.RemoveAll()
    > Session.Contents.RemoveAll()
    > Session.Abandon
    >
    > Response.Redirect("../../global/common/login/login.asp?login=logoff")
    > Else
    >
    > End If
    > %>
    >
    > but I think this is not working or there is something wrong with my code
    > Hope you can help me with this..
    >
    > Thaks,
    > Leo
    >
    >
     
    Janette, Jul 28, 2006
    #2
    1. Advertising

  3. If you are using the back button, what you are actually doing is viewing the
    same cached file you saw before. A route around this would be to force the
    previous page not to cache, I think this would solve your problem.

    Stu

    --

    "le0" <> wrote in message
    news:%...
    > Hello Guys,
    >
    > I have this problem on my page. Im doing my "Logoff" portion, everytime I
    > click "Logoff" then click the Back button in my browser the previous page
    > still appears.
    >
    > Heres my code
    > <%
    > If Request.QueryString("login")= "logout" Then
    > Application.Contents.RemoveAll()
    > Session.Contents.RemoveAll()
    > Session.Abandon
    >
    > Response.Redirect("../../global/common/login/login.asp?login=logoff")
    > Else
    >
    > End If
    > %>
    >
    > but I think this is not working or there is something wrong with my code
    > Hope you can help me with this..
    >
    > Thaks,
    > Leo
    >
    >
     
    Stuart Palmer, Jul 28, 2006
    #3
  4. le0

    le0 Guest

    Hi Janette =)

    You are absolutely right, but my page has the include file like this

    <%
    If Len(Session("AccessType")) = 0 Then
    Dim sUrlExpire
    sUrlExpire =
    "../../global/common/login/login.asp?login=expired&sysid=" & strSysPath
    %>

    <script language=javascript>
    top.location.href = "<%=sUrlExpire%>"
    </script>

    <%
    Response.End
    End If
    %>

    it checks the accesstype of the user before logging in to the page, and Im
    expecting that when I use this code
    Application.Contents.RemoveAll()
    Session.Contents.RemoveAll()
    Session.Abandon
    the sessions will automatically destroyed even if i click the back button =(

    Please helppp..

    "Janette" <> wrote in message
    news:...
    > Hi Leo,
    >
    > The reason the previous page probably displays, is when you click back it
    > uses the previous URL which would have had login=login in the URL, it is
    > only the page after logoff that has login=logoff. You would be far better
    > checking for the existance of the session, or the existance of a
    > particular session variable having a value instead of setting and checking
    > the querystring. Else, people may just add login=login to their URL, to
    > bypass logging in. So for example, when you logon, you might create a
    > session variable called user and populate it with the username of the
    > person who just successfully logged on. Then in each page inside the app
    > check for a value in the user session variable, as it will only have a
    > value if a user is logged on.
    >
    > <%
    > If Session("user") = "" then
    > Application.Contents.RemoveAll()
    > Session.Contents.RemoveAll()
    > Session.Abandon
    >
    > Else
    >
    > End If
    > %>
    >
    > Hope this helps.
    > Janette
    >
    > "le0" <> wrote in message
    > news:%...
    >> Hello Guys,
    >>
    >> I have this problem on my page. Im doing my "Logoff" portion, everytime I
    >> click "Logoff" then click the Back button in my browser the previous
    >> page still appears.
    >>
    >> Heres my code
    >> <%
    >> If Request.QueryString("login")= "logout" Then
    >> Application.Contents.RemoveAll()
    >> Session.Contents.RemoveAll()
    >> Session.Abandon
    >>
    >> Response.Redirect("../../global/common/login/login.asp?login=logoff")
    >> Else
    >>
    >> End If
    >> %>
    >>
    >> but I think this is not working or there is something wrong with my code
    >> Hope you can help me with this..
    >>
    >> Thaks,
    >> Leo
    >>
    >>

    >
    >
     
    le0, Jul 28, 2006
    #4
  5. le0

    le0 Guest

    Hey Stu,

    What dou you mean route around? Can you give me an example =(

    =(
    Leo





    "Stuart Palmer" <> wrote in message
    news:%8hyg.70018$...
    > If you are using the back button, what you are actually doing is viewing
    > the same cached file you saw before. A route around this would be to force
    > the previous page not to cache, I think this would solve your problem.
    >
    > Stu
    >
    > --
    >
    > "le0" <> wrote in message
    > news:%...
    >> Hello Guys,
    >>
    >> I have this problem on my page. Im doing my "Logoff" portion, everytime I
    >> click "Logoff" then click the Back button in my browser the previous
    >> page still appears.
    >>
    >> Heres my code
    >> <%
    >> If Request.QueryString("login")= "logout" Then
    >> Application.Contents.RemoveAll()
    >> Session.Contents.RemoveAll()
    >> Session.Abandon
    >>
    >> Response.Redirect("../../global/common/login/login.asp?login=logoff")
    >> Else
    >>
    >> End If
    >> %>
    >>
    >> but I think this is not working or there is something wrong with my code
    >> Hope you can help me with this..
    >>
    >> Thaks,
    >> Leo
    >>
    >>

    >
    >
     
    le0, Jul 28, 2006
    #5
  6. le0

    Mike Brind Guest

    http://www.aspfaq.com/show.asp?id=2022

    --
    Mike Brind


    le0 wrote:
    > Hey Stu,
    >
    > What dou you mean route around? Can you give me an example =(
    >
    > =(
    > Leo
    >
    >
    >
    >
    >
    > "Stuart Palmer" <> wrote in message
    > news:%8hyg.70018$...
    > > If you are using the back button, what you are actually doing is viewing
    > > the same cached file you saw before. A route around this would be to force
    > > the previous page not to cache, I think this would solve your problem.
    > >
    > > Stu
    > >
    > > --
    > >
    > > "le0" <> wrote in message
    > > news:%...
    > >> Hello Guys,
    > >>
    > >> I have this problem on my page. Im doing my "Logoff" portion, everytime I
    > >> click "Logoff" then click the Back button in my browser the previous
    > >> page still appears.
    > >>
    > >> Heres my code
    > >> <%
    > >> If Request.QueryString("login")= "logout" Then
    > >> Application.Contents.RemoveAll()
    > >> Session.Contents.RemoveAll()
    > >> Session.Abandon
    > >>
    > >> Response.Redirect("../../global/common/login/login.asp?login=logoff")
    > >> Else
    > >>
    > >> End If
    > >> %>
    > >>
    > >> but I think this is not working or there is something wrong with my code
    > >> Hope you can help me with this..
    > >>
    > >> Thaks,
    > >> Leo
    > >>
    > >>

    > >
    > >
     
    Mike Brind, Jul 28, 2006
    #6
  7. le0 wrote:
    > I have this problem on my page. Im doing my "Logoff" portion,
    > everytime I click "Logoff" then click the Back button in my
    > browser the previous page still appears.


    That is the proper behavior, according to the HTTP specification. The
    History belongs to the browser, not to you:

    "User agents often have history mechanisms, such as "Back"
    buttons and history lists, which can be used to redisplay
    an entity retrieved earlier in a session. By default, the
    Expires field does not apply to history mechanisms. If the
    entity is still in storage, a history mechanism should
    display it even if the entity has expired, unless the user
    has specifically configured the agent to refresh expired
    history documents."

    http://www.w3.org/Protocols/HTTP/1.1/spec.html


    --
    Dave Anderson

    Unsolicited commercial email will be read at a cost of $500 per message. Use
    of this email address implies consent to these terms.
     
    Dave Anderson, Jul 28, 2006
    #7
  8. I wrote:
    > That is the proper behavior, according to the HTTP specification.
    > The History belongs to the browser, not to you:
    >
    > "User agents often have history mechanisms, such as "Back"
    > buttons and history lists, which can be used to redisplay
    > an entity retrieved earlier in a session. By default, the
    > Expires field does not apply to history mechanisms. If the
    > entity is still in storage, a history mechanism should
    > display it even if the entity has expired, unless the user
    > has specifically configured the agent to refresh expired
    > history documents."
    >
    > http://www.w3.org/Protocols/HTTP/1.1/spec.html


    In addition,

    "History mechanisms and caches are different. In particular
    history mechanisms SHOULD NOT try to show a semantically
    transparent view of the current state of a resource. Rather,
    a history mechanism is meant to show exactly what the user
    saw at the time when the resource was retrieved.

    By default, an expiration time does not apply to history
    mechanisms. If the entity is still in storage, a history
    mechanism SHOULD display it even if the entity has expired,
    unless the user has specifically configured the agent to
    refresh expired history documents."

    http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.13



    --
    Dave Anderson

    Unsolicited commercial email will be read at a cost of $500 per message. Use
    of this email address implies consent to these terms.
     
    Dave Anderson, Jul 28, 2006
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. NETUser2004
    Replies:
    3
    Views:
    485
    John Saunders
    Feb 10, 2004
  2. =?Utf-8?B?dnZlbms=?=

    Destroying objects in Page_Unload event

    =?Utf-8?B?dnZlbms=?=, Nov 9, 2005, in forum: ASP .Net
    Replies:
    3
    Views:
    564
    Kevin Spencer
    Nov 9, 2005
  3. Varangian

    Destroying Sessions

    Varangian, Mar 29, 2006, in forum: ASP .Net
    Replies:
    6
    Views:
    491
    Juan T. Llibre
    Mar 29, 2006
  4. molar
    Replies:
    0
    Views:
    628
    molar
    Jul 25, 2004
  5. Jerome

    Destroying a Process in Java

    Jerome, Jan 28, 2005, in forum: Java
    Replies:
    4
    Views:
    3,297
    Larry Barowski
    Jan 28, 2005
Loading...

Share This Page