473,395 Members | 1,668 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > .net framework > questions > vb.net logout

Join Bytes to post your question to a community of 473,395 software developers and data experts.

Vb.net logout

Hi,
I am writting a small web application and I want to
create a logout page for the users like the logout on
yahoo. If the users logout they cannot go back by using
back button history on the browser. Instead, they have to
login again. I am not using Forms Athentication because it is just for admin. Please give me some ideas on how to do it.
Thanks in advance
Sa
Apr 4 '10 #1

✓ answered by Frinavale

Well then you aren't "logging in" the user so there's no way to log out the user.
An old-school way to do "log in" a user would be to set a variable in Session and to check that variable every page access...if there is no variable there then you know that the user is not "logged in".

For example, in your Login page you would check to make sure that the user provided the correct userID and password and then you would store the UserID in session:

Expand|Select|Wrap|Line Numbers
  1. 'when the user tries to log in, check to make sure they provided
  2. 'valid credentials...if that authenticates then store the user ID in session
  3. If authenticateUser(txt_userID.Text, txt_password.Text) = True Then
  4.   Session("userID") = txt_userID.Text
  5. End If
Now you have to check to make sure that a value exists in Session("userID") on every page that is restricted to logged in users. If this does not exist then you redirect them to the login page (or something).

So in every Page Load you will have:
Expand|Select|Wrap|Line Numbers
  1. If Session("userID") Is Nothing Then
  2.   Response.Redirect("~/login.aspx", True)
  3. End If
When the user logs out, either use Session.Abandon (which cleans up everything in session and is probably the best thing to use) or you can just set Session("userID")=nothing.

This is very basic authorization stuff :)

-Frinny

7 6016
Shashi Sadasivan
1,435 Expert 1GB
The browser caches the pages visited, which is what you need to clear / disable

put this line in the Page_load of every page that you dont want to be cached (alternatively you can put this in the master page too)
Expand|Select|Wrap|Line Numbers
  1. Response.Cache.SetCacheability(HttpCacheability.NoCache);
  2.  
Here is a link with this discussion
http://forums.asp.net/t/1060173.aspx
Apr 5 '10 #2
Thanks for reply, I used this but it is not working. I am using
Expand|Select|Wrap|Line Numbers
  1.  Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
  2.  
  3.         Response.Cache.SetCacheability(HttpCacheability.NoCache)
  4.         Response.Cache.SetAllowResponseInBrowserHistory(False)
  5.  
  6.  
  7.     End Sub
Am I doing something wrong, please help me. It is still not logging out.
Sa
Apr 6 '10 #3
Frinavale
9,735 Expert Mod 8TB
That will simply prevent the user from returning to the page that is cached in the browser. To log out the user you have to do "something" to log out the user.

When the user logs in what do you do?
Apr 6 '10 #4
just Response.Redirect to the page I want user to go after logging in. I don't know if how to transfer user information to that new page.
Sa
Apr 6 '10 #5
Frinavale
9,735 Expert Mod 8TB
Well then you aren't "logging in" the user so there's no way to log out the user.
An old-school way to do "log in" a user would be to set a variable in Session and to check that variable every page access...if there is no variable there then you know that the user is not "logged in".

For example, in your Login page you would check to make sure that the user provided the correct userID and password and then you would store the UserID in session:

Expand|Select|Wrap|Line Numbers
  1. 'when the user tries to log in, check to make sure they provided
  2. 'valid credentials...if that authenticates then store the user ID in session
  3. If authenticateUser(txt_userID.Text, txt_password.Text) = True Then
  4.   Session("userID") = txt_userID.Text
  5. End If
Now you have to check to make sure that a value exists in Session("userID") on every page that is restricted to logged in users. If this does not exist then you redirect them to the login page (or something).

So in every Page Load you will have:
Expand|Select|Wrap|Line Numbers
  1. If Session("userID") Is Nothing Then
  2.   Response.Redirect("~/login.aspx", True)
  3. End If
When the user logs out, either use Session.Abandon (which cleans up everything in session and is probably the best thing to use) or you can just set Session("userID")=nothing.

This is very basic authorization stuff :)

-Frinny
Apr 6 '10 #6
Thanks for your help. This procedure seems good and easy to apply but when we press the back button in the browser it still goes back as if the person is logged on still.
I am using
Session("UserName") = txt_UserName.Text
when the username and password matchs the database values. And on the secured pages
If Session("UserName") Is Nothing Then
Response.Redirect("~/Login.aspx", True)
End If
It works till here. Then on the logout click button I have written
Session.Abandon()
Session("UserName") = Nothing
Response.Redirect("~/Login.aspx)
The page is redirected to the Login page but the user doesn't log out. The browser back button takes me back to the secured page.

I don't know what to do.
Apr 8 '10 #7
Frinavale
9,735 Expert Mod 8TB
That's a bit tricky.
You can try what has already been suggested...you can try setting the expiry date of the pages and using meta tags to try and tell the browser not to cache things. But I haven't found that any of these techniques work (well they kind of do in some browsers but not others and it's just not worth it)

The only way I've found to get around this is to use Ajax on the page.
If you place the page's content in an UpdatePanel than anything the user does on the page wont be cached. It can't be because the browser can only cache full page requests (right now).

So if the user hits the back button they won't see any of the previously entered data...they'll just see the page as it was before they did any work in it.

As soon as the user does anything that causes a post back to the server then they will be redirected again.


You may be able to use JavaScript in some way to send a request to the server but I'm not sure how you'd detect this and to be honest I think it might be tricky to implement.

-Frinny
Apr 8 '10 #8

Sign in to post your reply or Sign up for a free account.

Similar topics

2
Dynamic Logout Link - with style?
by: Jon Natwick | last post by:
I'm trying to add a dynamically created logout link on my pages. The link to the logout page will show if the user is logged in. I put a placeholder on the aspx page and then dynamically create...
ASP.NET
0
Login/Logout
by: ShailShin | last post by:
Hi All, Developing an VB App for Login and logout tracking. In App Form there are two buttons login and logout. When user click on login the loginName, LoginTime and LoginDate get stored in...
.NET Framework
25
need help with logout (logout not perfect)
by: crescent_au | last post by:
Hi all, I've written a login/logout code. It does what it's supposed to do but the problem is when I logout and press browser's back button (in Firefox), I get to the last login page. In IE,...
PHP
12
kamill
logout script not working properly.
by: kamill | last post by:
I have done a logout page for logout from admin section and provides a link to logout from admin section.Whenever i clicked on logout link it redirected to index.php of admin section......BUT when i...
PHP
10
How to do logout alert message ?
by: chaos | last post by:
How to do logout alert message when i press on the logout image <a href="../logout.php" target="_top" onClick="return logout()"...
PHP
1
logout problem using struts
by: shrik | last post by:
hi everybody. I have following problem. There are two pages. index.jsp and main.jsp in my application Index.jsp contains logging interface in . It submits password and userid to loginform bean. ...
Java
3
Forced user logout in 2.0
by: kpg* | last post by:
Hi all, I want to perform the same action the the loginstatus control does to logout a user programatically, but I can't seem to find a 'logout' method in any of the membership classes. The...
ASP.NET
1
Login Logout question
by: Kandiman | last post by:
Hiya, i made a asp page, and one of my divs (as a include) is as below. the problem is if the main page is resubmitted, i get logged out again?... heres the code.. i think its on the value=true...
ASP / Active Server Pages
4
problem in browser back button with logout
by: shahidrasul | last post by:
hi in my project when i click on logout anchor it goes to logout page and my code in logout page is if (Session != null) { Session = null; Session.Abandon(); ...
.NET Framework
10
Logout and Login is Screwy
by: DavidPr | last post by:
When I logout as one user and log in under a different user, it opens with the last user's information. User 1 - Unsername: Davey Jones User 2 - Unsername: David Smith I log out from Davey...
PHP
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!