"guy" <g**@discussions.microsoft.com> wrote in message
news:DDBE416C-D7D4-459D-91E2-65823C177520@microsoft.com...
>I am not a web developer so this is probably easy!
> in a web app i have a login page
> if a user logs in, does stuff, logs out - which takes them back to the
> login
> page - how do i stop a new user hitting 'back' from the login page and
> seeing
> the last page the previous user was looking at (this could be any page in
> the
> application)?
>

"Timo" wrote:

> When a user logs in to your web app, it sets a cookie to know
> who's logged in. When user logs out the cookie is disposed.
> One more thing to do is not to store pages in browser cache.
>
> If your web app is written is ASP, you can set the precise date
> and time when a cached page expires:
> Response.ExpiresAbsolute = Now() - 1
>
> Or specify the time in minutes before a cached page expires:
> Response.Expires = 0
> Setting this value to zero reloads page every time.
>
> In plain HTML tell the browser not to cache page and immediately
> expire page:
> <HTML>
> <HEAD>
> <TITLE>---</TITLE>
> <META HTTP-EQUIV="Pragma" CONTENT="no-cache">
> <META HTTP-EQUIV="Expires" CONTENT="-1">
> </HEAD>
>
> Similar techniques can be used in ASP.NET and PHP.
>
> - Timo
>
>
> "guy" <g**@discussions.microsoft.com> wrote in message
> news:DDBE416C-D7D4-459D-91E2-65823C177520@microsoft.com...
> >I am not a web developer so this is probably easy!
> > in a web app i have a login page
> > if a user logs in, does stuff, logs out - which takes them back to the
> > login
> > page - how do i stop a new user hitting 'back' from the login page and
> > seeing
> > the last page the previous user was looking at (this could be any page in
> > the
> > application)?
> >
>
>
>

"guy" wrote:

> Thanks Timo, the problem is that most of the time i do not want the page to
> be reloaded each time, i want back and forward functionality to work.
>
> if loged out the application will force a log in when the operator tries to
> do anything within the application (this works), but when in the login page
> ONLY i do not want them to be able to go 'back' and see the previous page.
>
> Correct me if i am wrong but  setting Response.Expires would have to be done
> in every page, and this would not be waht i want
>
> thanks
>
> guy
> "Timo" wrote:
>
> > When a user logs in to your web app, it sets a cookie to know
> > who's logged in. When user logs out the cookie is disposed.
> > One more thing to do is not to store pages in browser cache.
> >
> > If your web app is written is ASP, you can set the precise date
> > and time when a cached page expires:
> > Response.ExpiresAbsolute = Now() - 1
> >
> > Or specify the time in minutes before a cached page expires:
> > Response.Expires = 0
> > Setting this value to zero reloads page every time.
> >
> > In plain HTML tell the browser not to cache page and immediately
> > expire page:
> > <HTML>
> > <HEAD>
> > <TITLE>---</TITLE>
> > <META HTTP-EQUIV="Pragma" CONTENT="no-cache">
> > <META HTTP-EQUIV="Expires" CONTENT="-1">
> > </HEAD>
> >
> > Similar techniques can be used in ASP.NET and PHP.
> >
> > - Timo
> >
> >
> > "guy" <g**@discussions.microsoft.com> wrote in message
> > news:DDBE416C-D7D4-459D-91E2-65823C177520@microsoft.com...
> > >I am not a web developer so this is probably easy!
> > > in a web app i have a login page
> > > if a user logs in, does stuff, logs out - which takes them back to the
> > > login
> > > page - how do i stop a new user hitting 'back' from the login page and
> > > seeing
> > > the last page the previous user was looking at (this could be any page in
> > > the
> > > application)?
> > >
> >
> >
> >

> Solved ...
> When the user hits the logout button - go to a page that redirects
> them to
> the Login page, this means that if they hit Back from the Login page
> they go
> to athe page that redirects them back to the Login
> "guy" wrote:
>
>> Thanks Timo, the problem is that most of the time i do not want the
>> page to be reloaded each time, i want back and forward functionality
>> to work.
>>
>> if loged out the application will force a log in when the operator
>> tries to do anything within the application (this works), but when in
>> the login page ONLY i do not want them to be able to go 'back' and
>> see the previous page.
>>
>> Correct me if i am wrong but  setting Response.Expires would have to
>> be done in every page, and this would not be waht i want
>>
>> thanks
>>
>> guy
>> "Timo" wrote:
>>> When a user logs in to your web app, it sets a cookie to know who's
>>> logged in. When user logs out the cookie is disposed. One more thing
>>> to do is not to store pages in browser cache.
>>>
>>> If your web app is written is ASP, you can set the precise date
>>> and time when a cached page expires:
>>> Response.ExpiresAbsolute = Now() - 1
>>> Or specify the time in minutes before a cached page expires:
>>> Response.Expires = 0
>>> Setting this value to zero reloads page every time.
>>> In plain HTML tell the browser not to cache page and immediately
>>> expire page:
>>> <HTML>
>>> <HEAD>
>>> <TITLE>---</TITLE>
>>> <META HTTP-EQUIV="Pragma" CONTENT="no-cache">
>>> <META HTTP-EQUIV="Expires" CONTENT="-1">
>>> </HEAD>
>>> Similar techniques can be used in ASP.NET and PHP.
>>>
>>> - Timo
>>>
>>> "guy" <g**@discussions.microsoft.com> wrote in message
>>> news:DDBE416C-D7D4-459D-91E2-65823C177520@microsoft.com...
>>>
>>>> I am not a web developer so this is probably easy!
>>>> in a web app i have a login page
>>>> if a user logs in, does stuff, logs out - which takes them back to
>>>> the
>>>> login
>>>> page - how do i stop a new user hitting 'back' from the login page
>>>> and
>>>> seeing
>>>> the last page the previous user was looking at (this could be any
>>>> page in
>>>> the
>>>> application)?

"GhostInAK" wrote:

> Hello guy,
> HAHA.  I absolutely HATE companies that do that.  Your so-caled colution
> will work only if the user isnt some twitchy 14 yr old that can hit the button
> faster than the redirect can happen.. or if the user is too stoopid to notice
> the drop down arrow next to the back button.
>
> -Boo
>
> > Solved ...
> > When the user hits the logout button - go to a page that redirects
> > them to
> > the Login page, this means that if they hit Back from the Login page
> > they go
> > to athe page that redirects them back to the Login
> > "guy" wrote:
> >
> >> Thanks Timo, the problem is that most of the time i do not want the
> >> page to be reloaded each time, i want back and forward functionality
> >> to work.
> >>
> >> if loged out the application will force a log in when the operator
> >> tries to do anything within the application (this works), but when in
> >> the login page ONLY i do not want them to be able to go 'back' and
> >> see the previous page.
> >>
> >> Correct me if i am wrong but  setting Response.Expires would have to
> >> be done in every page, and this would not be waht i want
> >>
> >> thanks
> >>
> >> guy
> >> "Timo" wrote:
> >>> When a user logs in to your web app, it sets a cookie to know who's
> >>> logged in. When user logs out the cookie is disposed. One more thing
> >>> to do is not to store pages in browser cache.
> >>>
> >>> If your web app is written is ASP, you can set the precise date
> >>> and time when a cached page expires:
> >>> Response.ExpiresAbsolute = Now() - 1
> >>> Or specify the time in minutes before a cached page expires:
> >>> Response.Expires = 0
> >>> Setting this value to zero reloads page every time.
> >>> In plain HTML tell the browser not to cache page and immediately
> >>> expire page:
> >>> <HTML>
> >>> <HEAD>
> >>> <TITLE>---</TITLE>
> >>> <META HTTP-EQUIV="Pragma" CONTENT="no-cache">
> >>> <META HTTP-EQUIV="Expires" CONTENT="-1">
> >>> </HEAD>
> >>> Similar techniques can be used in ASP.NET and PHP.
> >>>
> >>> - Timo
> >>>
> >>> "guy" <g**@discussions.microsoft.com> wrote in message
> >>> news:DDBE416C-D7D4-459D-91E2-65823C177520@microsoft.com...
> >>>
> >>>> I am not a web developer so this is probably easy!
> >>>> in a web app i have a login page
> >>>> if a user logs in, does stuff, logs out - which takes them back to
> >>>> the
> >>>> login
> >>>> page - how do i stop a new user hitting 'back' from the login page
> >>>> and
> >>>> seeing
> >>>> the last page the previous user was looking at (this could be any
> >>>> page in
> >>>> the
> >>>> application)?
>
>
> and the answer is?