• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

logout..

 
jyotsana dang
Ranch Hand
Posts: 135
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi..
in my application iam implementing the logout jsp part like this..
<%
if (session.isNew()==true)
response.sendRedirect(response.encodeRedirectURL("index.jsp"));
%>
<%
session.invalidate();
%>
<h4> You are being Logged out </h4> <br>
<a href = "index.jsp"> Login </a><br>
<b>Session ID: </b><%= session.getId() %>
%>
but when i hit the browser's back button, iam able to see the records once again..can we disable the back button ..
and when i refresh the page..the login(index.jsp) appears again..
thanks
[ March 23, 2004: Message edited by: jyotsana dang ]
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65120
91
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This has nothing at all to do with JDBC. Could you please make an effort to post your questions in an appropriate forum?
I do not believe that there is any way to disable the back button. Moving this to the HTML/Javascript forum for further discussion.
 
Varun Khanna
Ranch Hand
Posts: 1400
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

but when i hit the browser's back button, iam able to see the records once again..can we disable the back button ..

Search this forum for the text "Disable Back button" ... you may get few workarounds.
 
eammon bannon
Ranch Hand
Posts: 140
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You also probably want to set up your pages to properly expire, so old data will never be vidsible.
 
Yuriy Fuksenko
Ranch Hand
Posts: 413
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Actually, I would not worry about that. Just make sure, that if user performs some action with not existing record, server handles it correctly and user gets an appropriate error message.
If you think about it, the situation you described is eqvivalent to scenarion, when one user opens a record, and while he is looking at it another user deletes it.
Also, some time ago I posted a code that allows your script to find out, is current page a result of a back button or reload.
here is a link:
http://www.coderanch.com/t/113465/HTML-JavaScript/Browser-back-button-detecting
 
Eric Pascarello
author
Rancher
Posts: 15385
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yuriy that is fine, but what if JavaScript is turned off? It will not work...Expire the page on the server side!
 
Yuriy Fuksenko
Ranch Hand
Posts: 413
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, from my experience, client would prefer to see old data than to see "your page is expired, click reload" note. Besides, not all actions on a page may be invalid, even if record is not exist.
this is why I am saying - do not handle it. Make sure server will not break, and if action is incorrect, give an error message after page reloaded.
 
Eric Pascarello
author
Rancher
Posts: 15385
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
But if the person logs out then they should not want to see that data and in this case she does not want the person to go back so it should be expired!
 
Yuriy Fuksenko
Ranch Hand
Posts: 413
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes, but unfortunantly you can have "expired" only after you logged out, and not during your session.
And actually, for example, in my current project, if user is not logged in, and trying to access some page (let say, uses favorits), he is getting redirected to login page, and after login redirected back to the page he was trying to access.
[ March 24, 2004: Message edited by: Yuriy Fuksenko ]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic