sessions for password protection

I have been using a session variable to protect my pages from unwanted visitors, but if someone presses the back button it seems to keep thier session as it was allowing them to use everything.
here is what I have if anyone has any advice I'd just around the join here for joy!


This Checks
<%
if isempty (Session("LoggedIn123")) then
Response.Redirect "login.asp"
end if
%>

This Logs Them off
<%
Session("LoggedIn123") = ""
Response.Redirect "login.asp"
%>

the check is on everypage, but again if you hit back it think you are still logged in?


Thanks in Advance

Dustin

Comments

  • Hi ,
    Rather than use this
    : This Checks
    : <%
    : isempty (Session("LoggedIn123")) then
    : Response.Redirect "login.asp"
    : end if
    : %>

    Try this one... at top of every page .......

    [red]<%[/red]@ language="vbscript"[red]%>
    <%[/red][blue]If[/blue] Session("LoggedIn123") <> "" [blue]Then[/blue][red]%>[/red]

    If user login is ok then the information you want to show goes here
    If not then ........


    [red]<%[/red][blue]Else[/blue]
    Response.Redirect ("login.asp")
    [blue]End If[/blue][red]%>[/red]


    and to log off then use

    [red]<%[/red]
    Session.Abandon
    Response.Redirect ("login.asp")
    [red]%>[/red]

    hope it will help you, if you'll get any prob then let me know :)

    [blue][b]Zeeshan Arshad[/b][/blue]
    [red]Web Developer[/red]
    dashingzee@yahoo.com
    http://www.zeeshanarshad.com


Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories

In this Discussion