Click here to Skip to main content
11,576,635 members (62,320 online)
Rate this: bad
good
Please Sign up or sign in to vote.
See more: ASP.NET Javascript
Hi friends, I have 2 master pages Default.aspx is from Site.Master and some more pages that are from Admin.Master, I have used the code that to prevent the user from going back to previous pages after logout.

Here is my code
 function preventBack() 
   {
   window.history.forward();
 
   }
setTimeout("preventBack()", 0);
window.onunload = function () { null };
 

The problem I am facing is that I am able to go back among pages that uses Admin.

Master page i.e I have Home.aspx, AboutUs.aspx,Admin.aspx,AddItem.aspx I was unable to navigate between those pages also. Please tell me how to solve this. I have tried other methods also, but still facing same problem.

Thanks in Advance

Ganesh
Posted 3-Oct-12 20:53pm
Ganeshcse2.4K
Edited 3-Oct-12 22:26pm
DaveAuld182.2K
v2
Comments
Joan Murt at 4-Oct-12 3:04am
   
Wouldn't it be better to check the logged status in all the pages at the beginning? if you are not logged in then at the page load you could redirect the user to another place...

I can imagine a simple way to kill your javascript method: going to the history of the browser you are using and then clicking on a link which you would like to protect...
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

Make sure that admin pages are not cached (at all or just for a short period) on client side. There is no way to prevent user accessing the previous urls but you can prevent them seeing what was on them. Of course, disabling caching will increase web server roundtrips. Such javascript snippets are useless, since they can be disabled, and worked around in several ways.
See this article: http://www.extremeexperts.com/Net/FAQ/DisablingBackButton.aspx[^] for dealing with this from code, and from web.config: http://msdn.microsoft.com/en-us/library/ms178606(VS.80).aspx[^]
  Permalink  
v2
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 2

I think It's better to set a session variable at login page then check the login session every page on pageload and prevent caching eg:
Response.Cache.SetCacheability(HttpCacheability.NoCache);
if(Session["mysession"] != null)
{
response.redirect("login.aspx")
} 
else {....}


  Permalink  
v2
Comments
Ganeshcse at 4-Oct-12 23:38pm
   
Yes I have done this way but I am un able to go. All I want is that to Update the session value using javascript. I know that we cannot update the session variable using javascript but with the combination of Js and cookies it can be done but I didnot know how to do that. So Please tell me an alternative way of doing this.
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 3

One needs to clear the cache such that browser has no history (this will make back/forward button in browser grayed out disabled.) Here are various ways of how one can do it:




One can clear browser history through JavaScript:

<SCRIPT LANGUAGE="javascript">
{
     var Backlen=history.length;
     history.go(-Backlen);
     window.location.href=page url
}
</SCRIPT>

one can set this in logout event:
protected void LogOut()
{
     Session.Abandon();
     string nextpage = "Logoutt.aspx";
     Response.Write("<script language="javascript">");
     Response.Write("{");
     Response.Write(" var Backlen=history.length;");
     Response.Write(" history.go(-Backlen);");
     Response.Write(" window.location.href='" + nextpage + "'; ");
     Response.Write("}");
     Response.Write("</script>");
}
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 Sergey Alexandrovich Kryukov 271
1 F-ES Sitecore 140
2 Abhinav S 135
3 Lucifier Rocks 105
4 Dave Kreskowiak 80
0 OriginalGriff 705
1 Sergey Alexandrovich Kryukov 626
2 Abhinav S 483
3 F-ES Sitecore 410
4 Suvendu Shekhar Giri 365


Advertise | Privacy | Mobile
Web04 | 2.8.150603.1 | Last Updated 4 Oct 2012
Copyright © CodeProject, 1999-2015
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100