> I am having no luck expiring a users session. Here is what I > am attemnpting: User logs in.. All is fine, a session variable > is set to "loggedin". When the user clicks "log out" I call a > template that sets the value of the session var to "loggedout" > and then redirect them to a new page. The problem is that if > they hit the browsers back button they can still get to the page > they were viewing when they logged on. I have tried using > cflocation to send them to the enw page and I even check for the > value of the sesison var before displaying the page that is > protected via the login...
Perhaps the browser is pulling the page from its cache. If this is a concern, you can add the appropriate HTTP headers and/or META tags to avoid caching. For example: <cfhtmlhead text="<META HTTP-EQUIV='Expires' CONTENT='Mon, 01 Jan 1950 00:00:01 GMT'>"> <cfhtmlhead text="<META HTTP-EQUIV='Expires' CONTENT='-1'>"> <cfhtmlhead text="<META HTTP-EQUIV='Pragma' CONTENT='no-cache'>"> <cfheader name="Pragma" value="no-cache"> <cfheader name="Expires" value="#now()#"> <cfheader name="Cache-Control" value="no-cache, no-store, proxy-revalidate, must-revalidate"> (pulled from an email I got from another developer here at Fig Leaf) Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
