C# + BackButton + Session = Dang! I'm Lost!

[Guest]

We're using C# & VS 2005.

In our app ... someone is "logged-in" if Session("companyID") exists and is
non-zero.

How do we implement a "Logout" button that signs off session, sets
Session("companyID")=0, and prevents another person from (later) using the
BACK button ... in the SAME IE window? BUT, our users want the BACK button
functionality at all other times?

Any advice or technique would be appreciated.

P.S. apparently the LOAD event does not fire for a webpage when the BACK
button is used .... right?

 

[Nicholas Paldino [.NET/C# MVP]]

All you have to do is call the Abandon method on the HttpSessionState
instance in your page. This will cause the session state to be abondoned,
and the current session is no longer valid.

As for the back button not working, well, you would have to make it so
that your pages are not cached on the local browser at all. This way, you
can check on the server level if the session is still valid.

 

[Ignacio Machin \( .NET/ C# MVP \)]

Hi,

Your logout button needs to use HttpSession.Abandon ( from a web page you
use Session.Abandon() ) this will clear the session ID

 

[Guest]

I don't understand "not cached on the local browser at all". How is that done?

Thanks!

--
F.V.

All you have to do is call the Abandon method on the HttpSessionState
instance in your page. This will cause the session state to be abondoned,
and the current session is no longer valid.

As for the back button not working, well, you would have to make it so
that your pages are not cached on the local browser at all. This way, you
can check on the server level if the session is still valid.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

We're using C# & VS 2005.

In our app ... someone is "logged-in" if Session("companyID") exists and
is
non-zero.

How do we implement a "Logout" button that signs off session, sets
Session("companyID")=0, and prevents another person from (later) using the
BACK button ... in the SAME IE window? BUT, our users want the BACK button
functionality at all other times?

Any advice or technique would be appreciated.

P.S. apparently the LOAD event does not fire for a webpage when the BACK
button is used .... right?

 

[Ignacio Machin \( .NET/ C# MVP \)]

Hi,

One of the header that the server send to the browser says if the browser
can cache the page or not, It' s the Expired , no-cache, do not remember
right now , google for it

I don't understand "not cached on the local browser at all". How is that
done?

Thanks!

--
F.V.

All you have to do is call the Abandon method on the HttpSessionState
instance in your page. This will cause the session state to be
abondoned,
and the current session is no longer valid.

As for the back button not working, well, you would have to make it
so
that your pages are not cached on the local browser at all. This way,
you
can check on the server level if the session is still valid.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

We're using C# & VS 2005.

In our app ... someone is "logged-in" if Session("companyID") exists
and
is
non-zero.

How do we implement a "Logout" button that signs off session, sets
Session("companyID")=0, and prevents another person from (later) using
the
BACK button ... in the SAME IE window? BUT, our users want the BACK
button
functionality at all other times?

Any advice or technique would be appreciated.

P.S. apparently the LOAD event does not fire for a webpage when the
BACK
button is used .... right?