Home
ASP.NET Forums » General ASP.NET » State Management » whats wrong in my session creation?

whats wrong in my session creation?

Last post 05-09-2008 1:40 PM by topcatin. 5 replies.

Sort Posts:

  • whats wrong in my session creation?

    05-09-2008, 9:02 AM
    Hi friends, i have designed login page for the first time.

    I am designing a log in page. It contains user name and password fields, and a submit button.
    So user enters user id, password and clicks submit button and he will be logged in. He will be redirected to inbox page.

    Now if he click the logout button, he will be logged out and will be redirected to login page.
    This is the scenario.

    But my problem is after user cliked logout button, if he clicks back,forward buttons in Internet Explorer, he is still able to log in automatically.

    Infact my session creation approach may be very wrong. Please correct me

    My code is here

    Default.aspx :


    protected void Button1_Click(object sender, EventArgs e)
    {
    if (TextBox1.Text == "ravi" && TextBox2.Text == "programmer")
    {
    Session["a"] = "session1";

    Response.Redirect("Default2.aspx");
    }
    }




    Default2.aspx :



    protected void Page_Load(object sender, EventArgs e)
    {
    if (Session["a"] == null)
    {

    Response.Redirect("Default.aspx");
    }
    else
    {

    Response.Write("welcome to page");

    }


    }
    protected void Logout_Click(object sender, EventArgs e)
    {
    Session.Remove("a");

    Response.Redirect("Default.aspx");
    }

  • Re: whats wrong in my session creation?

    05-09-2008, 9:24 AM

     Use Session.Abandon(); and Session.clear(); at logout

     check for Session["any"] == null on pageload.
     

    Hope it helps.

    -Manas

  • Re: whats wrong in my session creation?

    05-09-2008, 9:27 AM

     

    The code should be following  

    protected void Logout_Click(object sender, EventArgs e)
    {

    Session["a"] = null;
    Session.Remove("a");

    Response.Redirect("Default.aspx");
    }

  • Re: whats wrong in my session creation?

    05-09-2008, 9:31 AM

     

    i am afraid my session creation approach is wrong.

    when user enters clicks submit button i created a session as

     

    Session["a"]="xyz".

    is this the correct way to create a session?

     

    also  I tried with session.Abandon() and Session.Clear().

    but still when i click back button in IE it automatically displays inbox page

     

    Thank you

  • Re: whats wrong in my session creation?

    05-09-2008, 1:32 PM
    Answer

     

    hi friends, this link has helpled me http://forums.asp.net/t/955607.aspx

  • Re: whats wrong in my session creation?

    05-09-2008, 1:40 PM
    • Loading...
    • topcatin
    • Joined on 01-30-2007, 10:43 AM
    • Posts 281

    Session.Abandon() or Session.destroy(i think is there)

    or Session.Remove will work. You have to destroy the session when the user logs out..thats the key.
Page 1 of 1 (6 items)
RSS Available

Advertise on ASP.NET

About this Site