473,320 Members | 1,707 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

session variables

omerbutt
638 512MB
sir iam making an application with HTML ASP JAVASCRIPT AND DHTML
now i have made a login page in which i put the user name in the sessin variable so that it can be checked on each page weather the person who is entering the site has logged in properly or not
the code for the login is here where the data from te formis moved to an asp page named logindone.asp
<%
branch=request("branchrep")
usernamelhr=request ("log_namelhr")
usernameisb=request ("log_nameisb")
usernameslk=request ("log_nameslk")
usernamepsh=request ("log_namepsh")
usernamekhi=request ("log_namekhi")
usernamemlt=request ("log_namemlt")
usernamefsb=request ("log_namefsb")
password=request ("pas_wrd")

Dim Lgin, Pass, Pass1, RSANCR
Set RSANCR=Server.CreateObject("ADODB.Recordset")
connectionstr= "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" & Server.MapPath("db/db1.mdb")

strSQL = "SELECT * FROM login;"
RSANCR.OPEN strSQL, connectionstr, 3

foundIt=False
Do Until RSANCR.EOF OR foundIt

If (StrComp(RSANCR("user_n"), username, vbTextCompare) = 0) Then
foundIt=True
Else
RSANCR.MoveNext
End If
Loop

If Not foundIt Then
RSANCR.Close
Set RSANCR = Nothing
'connectionstr.Close
Set connectionstr= Nothing
response.redirect("login.asp?error=1")
End If

If Not (StrComp(RSANCR("pass_w"), password, vbBinaryCompare) = 0) Then
RSANCR.Close
Set RSANCR = Nothing
'connectionstr.Close
Set connectionstr = Nothing
Response.Redirect("login.asp?error=2")
Else
Session("Valid") = username
Session("Branch") = Request("branchrep")
Response.Redirect("ADDNEWSAR.asp")
End If
%>
no i have made a file secure.asp which i have included on each page of my application which has the following code
<%@Language=VBScript%>
<%Option Explicit%>
<%
If Session("Valid") = "" Then

Response.redirect ("login.asp")
else
End If
%>
Now the problem is when i press the logout button it logs out the user and redirects to the login page but .....when i press the back button i again goes to the page from where i have logged out ...whereas it should not be doing this ........and when i press the refresh button then it again redirects the page to the login page and after that it works correctly ...means if i dont refresh it it does not empty the session variable and keeps on going to that page where as i want that once i have logged out it should never go back to that page no matter i refresh it or not...wot shud i do shud i use the session time oyt and if yes how shud i and where shud i write it
thanks for any help in advance ....:) :( mer
May 10 '07 #1

✓ answered by omerbutt

heeres the solution its perfect one you make a SECURE.asp page in which you have the following code, which you will add in each of your page it will check for the validity and the QUOTED part of the code is the life of the code try it and you will never get back to that sick old cached page ;)

Expand|Select|Wrap|Line Numbers
  1. <%@Language=VBScript%>
  2. <%Option Explicit%>
  3.         
  4.                 <%
  5. Response.Expires = 1
  6. Response.Expiresabsolute = Now() - 2
  7. Response.AddHeader "pragma","no-cache"
  8. Response.AddHeader "cache-control","private"
  9. Response.AddHeader "cache-control","no-store"
  10. Response.CacheControl = "no-cache"
  11.  
  12. %>
  13. <%
  14. If Session("Valid") = "" Then 
  15.     Response.redirect ("login.asp") 
  16. else
  17.     'response.redirect("ADDNEWSAR.asp")
  18. End If
  19. %>
  20.  
You could attempt setting any page that requires the user be logged in to not be cached?

8 1915
jhardman
3,406 Expert 2GB
When someone pushes the back button the browser does not re connect to the server, it usually just finds the old cached page. You don't re-connect until you hit refresh, at which point everything is handled correctly. That said, I'm not sure you need to do anything, I think everything is operating correctly.

You can try to stop caching or set a page expires feature with javascript or HTML, that would force the browser to refresh the page every time it reloads, but this puts a lot of strain on your server.

Jared
May 11 '07 #2
omerbutt
638 512MB
When someone pushes the back button the browser does not re connect to the server, it usually just finds the old cached page. You don't re-connect until you hit refresh, at which point everything is handled correctly. That said, I'm not sure you need to do anything, I think everything is operating correctly.

You can try to stop caching or set a page expires feature with javascript or HTML, that would force the browser to refresh the page every time it reloads, but this puts a lot of strain on your server.

Jared
Sir ,
All i am doing for the sake that if some one enetrs hos sales and logsout and if another person comes in and pushes the back button and makes a dummy entry would it enter the data or not if not then i also think its not compulsary but in other case :( ....please do guide me in this matter
Thanks
May 12 '07 #3
jhardman
3,406 Expert 2GB
If someone else hit the back button and tried to log a sale it will probably not be accepted. Can you test?

Jared
May 14 '07 #4
Once You will give session.Abandon in your logout page,It wont take back to that page after clicking the back button also...
Jul 2 '07 #5
omerbutt
638 512MB
no you wont be able to do it even in that session.abandon it will still take you to the last visited page untill or unless u refresh it once
Once You will give session.Abandon in your logout page,It wont take back to that page after clicking the back button also...
Dec 1 '07 #6
Nicodemas
164 Expert 100+
You could attempt setting any page that requires the user be logged in to not be cached?
Dec 7 '07 #7
omerbutt
638 512MB
heeres the solution its perfect one you make a SECURE.asp page in which you have the following code, which you will add in each of your page it will check for the validity and the QUOTED part of the code is the life of the code try it and you will never get back to that sick old cached page ;)

Expand|Select|Wrap|Line Numbers
  1. <%@Language=VBScript%>
  2. <%Option Explicit%>
  3.         
  4.                 <%
  5. Response.Expires = 1
  6. Response.Expiresabsolute = Now() - 2
  7. Response.AddHeader "pragma","no-cache"
  8. Response.AddHeader "cache-control","private"
  9. Response.AddHeader "cache-control","no-store"
  10. Response.CacheControl = "no-cache"
  11.  
  12. %>
  13. <%
  14. If Session("Valid") = "" Then 
  15.     Response.redirect ("login.asp") 
  16. else
  17.     'response.redirect("ADDNEWSAR.asp")
  18. End If
  19. %>
  20.  
You could attempt setting any page that requires the user be logged in to not be cached?
Dec 8 '07 #8
Nicodemas
164 Expert 100+
Glad to be of service.
Dec 13 '07 #9

Sign in to post your reply or Sign up for a free account.

Similar topics

6
by: Al Jones | last post by:
This is a repost form the vbscript newgroup - if this isn't the appropriate group would you point me toward one that is. Basically, I seem to be losing session data part way though preparing an...
6
by: Lina Manjarres | last post by:
Hello, I have a session variable in a login page. Then I go to a form page where I uses the ProfileID and the UserID. Then I go to a result page where I would like to use the UserID as a filter,...
4
by: PJ | last post by:
A particular page seems to be having issues with correctly setting Session variables. I am setting a couple of session variables on the Page_Unload event. While stepping through code, the...
31
by: Harry Simpson | last post by:
I've come from the old ASP camp where session variables were not used. When i started using ASP.NET in 2001, I started using them again because it was ok from what I'd read. I've been merrily...
10
by: tshad | last post by:
I have been using the default session state (InProc) and have found that I have been loosing my information after a period of time (normally 20 minutes). Is there anyway to find out how much...
3
by: Alan Wang | last post by:
Hi there, Once my application gets complicated and complicated. I found it's really hard to keep track of Session value I am using in my asp.net application. I am just wondering if anyone have...
3
by: Phillip N Rounds | last post by:
I'm writing a user control which has two states: Active & InActive. I additionally am required that there to be only one active control per page, and all logic has to be contained within the...
18
by: BillE | last post by:
When a user opens a new IE browser window using File-New-Window the integrity of an application which relies on session state is COMPLETELY undermined. Anyone who overlooks the fact that...
26
by: BillE | last post by:
Some ASP.NET applications use Session Variables extensively to maintain state. These should be re-written to use viewstate, hidden fields, querystring, etc. instead. This is because if a user...
12
by: MrHelpMe | last post by:
Hello again all, I've finished my whole application and now I don't like the whole session variables that I am using. I have a form, user fills in info clicks submit and using CDOSYSMail an...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.