|
-
Aug 8th, 2004, 06:31 AM
#1
Thread Starter
Addicted Member
Session problem
I am facing problem with the session variables.
I have a login page in my website. Which sets a session variale (Session("username")=form.username) at the time of login.
In signout page I have this code. Session("username")="".
In my other page first I check whether a user is logged in or not by checking variable Session variable. Code is:
Code:
If Session("username")="" then
Response.Redirect("login.asp")
End If
If user is already logged in s/he will be directed to his selected page.
My problem is even if the user has signout and if he tries to access protected first time just after signout he sees the page and previous used username is shown as logged in. But if the page is refreshed once, he is directed to login page, means even after signout the session variable still holds last logged in username name, but once the page is refreshed it clears the session variable and direct the user to login page.
Can any one tell me where is the problem?
Thanks
-
Aug 8th, 2004, 03:26 PM
#2
Re: Session problem
Originally posted by sillylady
I am facing problem with the session variables.
I have a login page in my website. Which sets a session variale (Session("username")=form.username) at the time of login.
In signout page I have this code. Session("username")="".
In my other page first I check whether a user is logged in or not by checking variable Session variable. Code is:
Code:
If Session("username")="" then
Response.Redirect("login.asp")
End If
If user is already logged in s/he will be directed to his selected page.
My problem is even if the user has signout and if he tries to access protected first time just after signout he sees the page and previous used username is shown as logged in. But if the page is refreshed once, he is directed to login page, means even after signout the session variable still holds last logged in username name, but once the page is refreshed it clears the session variable and direct the user to login page.
Can any one tell me where is the problem?
Thanks
Thats because your browser is loading the Cached copy. Put the following lines in the pages you want to protect. It will instruct the browser no to cache the page.
I put the code in an Include file ...
VB Code:
Response.CacheControl="no-cache"
Response.AddHeader "Pragma","no-cache"
Response.Expires=0
[VBF RSS Feed]
There is a great war coming. Are you sure you are on the right side? Atleast I have chosen a side.
If I have been helpful, Please Rate my Post. Thanks.
This post was powered by : 
-
Aug 8th, 2004, 11:18 PM
#3
Thread Starter
Addicted Member
Thanks Danial it's working.
Thanks
-
Aug 9th, 2004, 01:58 AM
#4
Shouldn't you be Session.Abandon()ing instead?
-
Aug 9th, 2004, 05:07 AM
#5
Originally posted by mendhak
Shouldn't you be Session.Abandon()ing instead?
Session.Abandon clears the session, but if you dont instruct the browser not to cache the page, first time the cached page will be loaded even if the user is not authenticated (e.g Session dont exist).
I use :
Session("Username")=""
Session.Abandon
Edit : Just realised you are refering to his/her Session("Username")=""
Yes its better to use Session.Abandon, though some time it fails to work, so to be in the safe side its better to clear it manually first and then using Session.Abandon
[VBF RSS Feed]
There is a great war coming. Are you sure you are on the right side? Atleast I have chosen a side.
If I have been helpful, Please Rate my Post. Thanks.
This post was powered by : 
-
Aug 9th, 2004, 05:59 AM
#6
Ah well, those days are behind me now, hopefully. You should consider moving to ASP.NET, Danial. Worth the learning, see?
-
Aug 9th, 2004, 06:02 AM
#7
[VBF RSS Feed]
There is a great war coming. Are you sure you are on the right side? Atleast I have chosen a side.
If I have been helpful, Please Rate my Post. Thanks.
This post was powered by : 
-
Aug 9th, 2004, 06:16 AM
#8
-
Aug 9th, 2004, 06:22 AM
#9
[VBF RSS Feed]
There is a great war coming. Are you sure you are on the right side? Atleast I have chosen a side.
If I have been helpful, Please Rate my Post. Thanks.
This post was powered by : 
-
Aug 9th, 2004, 06:46 AM
#10
Yes, we need a silly little lady in the VB.NET forums.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|