Is it possible?

**Jerry Grant** · Feb 23rd, 2001, 03:53 AM

Put the following on each ASP page which is not to be cached.

Code:

<%
'== DONT ALLOW CACHE ON CLIENT =='
Response.Buffer = True
Response.ExpiresAbsolute = Now() - 1
Response.Expires = 0
Response.CacheControl = "no-cache"
%>

For HTML use the following:

Code:

<HTML><HEAD>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
</HEAD><BODY>
</BODY>
</HTML>

Hope this helps

**Randhart** · Feb 23rd, 2001, 05:51 AM

Thanks .. it looked like it may work ... another question if you don't mind!

Can I stop people from Book-marking a page? i already disabled the rightclick menu and removed the menubar at the top .. but I still fear people will be able to bookmark certain pages using <CTRL> D or what ever you use for it.

Thanks again

**Jerry Grant** · Feb 23rd, 2001, 06:17 AM

Not as far as I know!
You can't stop someone creating a bookmark manually, and entering a typed URL.

What do you want to hide? There may be another work around.

**Randhart** · Feb 23rd, 2001, 06:29 AM

Hey there

I want to stop a userf rom going into a user log-in section with-out going though the propper channels.

I.e. first have to Log in then from there you can navigate futer into the Database.

You can go to http://www.newsclip.co.za and have a look at what I did thus far.

Thanks for the help

**Jerry Grant** · Feb 23rd, 2001, 07:25 AM

I've got a link on a site I wrote that prevents users from going into a secure area with a password protected link.

The password script cannot be viewed by the user, and is pretty hack proof. Send me a private message with your email address and I will forward you the code.

However once the use gets in, then they can bookmark the pages from then on.

If the user navigates to that page from a bookmark, and there is not a session variable with a codeflag (which is set in ASP when the password form is requested), the restricted page is redirected to the ASP password page first.

Regards

Feb 23rd, 2001, 07:34 AM

If your site is all asp (or other server sidescripted) pges then just make a logon screen that puts their username into a session variable (only if their username and password were correct) and use ssi to include a bit of script at the top of all the other pages. The bit of script you include checks for that session variable - if it's not there then it redirects the user to the login page.

Thread: Is it possible?

Thread Tools

Display

Thanks Mate!

What I want to hide

Good hack proof password page!

Posting Permissions