Logging out of application
HI, I have a logout button in my application. When clicked I want to sent the user back to the login screen. This works just fine. The problem I'm having is if I click on the back button in IE I'm able to go back to that page. I don't want this to happen. How can I clear all session varaibles etc.? This is what I have in my logout.cfm file: cfif IsDefined(Cookie.CFID) AND IsDefined(Cookie.CFTOKEN) cfset localCFID = Cookie.CFID cfset localCFToken = Cookie.CFTOKEN cfcookie name=CFID value=#localCFID# cfcookie name=CFTOKEN value=#localCFTOKEN# /cfif CFLOCATION URL=/website/secure/index.htm The index.htm is my login (authentication) template. --- Colonel Nathan R. Jessop Commanding Officer Marine Ground Forces Guatanamo Bay, Cuba --- ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribeforumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Logging out of application
I am not sure if this will work but try CFHEADER cfheader name=location value = someurl.html cfheader statusCode = 302 statusText = Document Moved. Let us know Thanks Paul Giesenhagen QuillDesign - Original Message - From: FlashGuy [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Thursday, February 27, 2003 11:58 AM Subject: Logging out of application HI, I have a logout button in my application. When clicked I want to sent the user back to the login screen. This works just fine. The problem I'm having is if I click on the back button in IE I'm able to go back to that page. I don't want this to happen. How can I clear all session varaibles etc.? This is what I have in my logout.cfm file: cfif IsDefined(Cookie.CFID) AND IsDefined(Cookie.CFTOKEN) cfset localCFID = Cookie.CFID cfset localCFToken = Cookie.CFTOKEN cfcookie name=CFID value=#localCFID# cfcookie name=CFTOKEN value=#localCFTOKEN# /cfif CFLOCATION URL=/website/secure/index.htm The index.htm is my login (authentication) template. --- Colonel Nathan R. Jessop Commanding Officer Marine Ground Forces Guatanamo Bay, Cuba --- ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribeforumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Logging out of application
Nope. I can redirect to another template after clicking the logoff button. The problem is if I click on the back button of IE I can go back the the previous page. If the user logouts I want to force them to log back in. On Thu, 27 Feb 2003 12:03:13 -0600, Paul Giesenhagen wrote: I am not sure if this will work but try CFHEADER cfheader name=location value = someurl.html cfheader statusCode = 302 statusText = Document Moved. Let us know Thanks Paul Giesenhagen QuillDesign - Original Message - From: FlashGuy [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Thursday, February 27, 2003 11:58 AM Subject: Logging out of application HI, I have a logout button in my application. When clicked I want to sent the user back to the login screen. This works just fine. The problem I'm having is if I click on the back button in IE I'm able to go back to that page. I don't want this to happen. How can I clear all session varaibles etc.? This is what I have in my logout.cfm file: cfif IsDefined(Cookie.CFID) AND IsDefined(Cookie.CFTOKEN) cfset localCFID = Cookie.CFID cfset localCFToken = Cookie.CFTOKEN cfcookie name=CFID value=#localCFID# cfcookie name=CFTOKEN value=#localCFTOKEN# /cfif CFLOCATION URL=/website/secure/index.htm The index.htm is my login (authentication) template. --- Colonel Nathan R. Jessop Commanding Officer Marine Ground Forces Guatanamo Bay, Cuba --- ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribeforumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Logging out of application
Here is what I use... !--- Sets the document to expire now. Should clear out the cached version and force a reload--- CFHEADER NAME=Expires VALUE=Now() !--- On HTTP version 1.0 servers, stops the browser and/or proxy from caching the document. Does not work on 1.1 servers --- CFHEADER NAME=Pragma VALUE=no-cache !--- On HTTP version 1.1 servers, stops the browser and/or proxy from caching the document. Also forces form elements to be re-examined.--- CFHEADER NAME=cache-control VALUE=no-cache, no-store, must-revalidate -Original Message- From: FlashGuy [mailto:[EMAIL PROTECTED] Sent: Thursday, February 27, 2003 11:59 AM To: CF-Talk Subject: Logging out of application HI, I have a logout button in my application. When clicked I want to sent the user back to the login screen. This works just fine. The problem I'm having is if I click on the back button in IE I'm able to go back to that page. I don't want this to happen. How can I clear all session varaibles etc.? This is what I have in my logout.cfm file: cfif IsDefined(Cookie.CFID) AND IsDefined(Cookie.CFTOKEN) cfset localCFID = Cookie.CFID cfset localCFToken = Cookie.CFTOKEN cfcookie name=CFID value=#localCFID# cfcookie name=CFTOKEN value=#localCFTOKEN# /cfif CFLOCATION URL=/website/secure/index.htm The index.htm is my login (authentication) template. --- Colonel Nathan R. Jessop Commanding Officer Marine Ground Forces Guatanamo Bay, Cuba --- ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribeforumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Logging out of application
THis would go into the top of my logoff.cfm file? I tried it and I can still click the IE back button and go back the the previous template. On Thu, 27 Feb 2003 12:17:26 -0600, Andy Ousterhout wrote: CFHEADER NAME=Expires VALUE=Now() CFHEADER NAME=Pragma VALUE=no-cache CFHEADER NAME=cache-control VALUE=no-cache, no-store, must-revalidate --- Colonel Nathan R. Jessop Commanding Officer Marine Ground Forces Guatanamo Bay, Cuba --- ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribeforumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Logging out of application
This is what I do on the Logout page: CFIF NOT StructISEmpty(SESSION) CFSET safelist = List,Of,Variables,To,Leave,Intact CFSET keysToStruct = StructKeyList(SESSION,,) !--- Kill SESSION Variables --- CFLOOP INDEX=ListElement LIST=#keysToStruct# CFIF ListContainsNoCase(safelist,ListElement,,) CFSET tmp=#StructDelete(SESSION,#ListElement#,TRUE)# /CFIF /CFLOOP !--- Kill SESSION Variables --- !--- Relocate --- cfoutputscriptdocument.location.href=#attributes.relocate#;/scrip t/cfoutput !--- Relocate --- /CFIF Joshua Miller Head Programmer / IT Manager Garrison Enterprises Inc. www.garrisonenterprises.net [EMAIL PROTECTED] (704) 569-9044 ext. 254 * Any views expressed in this message are those of the individual sender, except where the sender states them to be the views of Garrison Enterprises Inc. This e-mail is intended only for the individual or entity to which it is addressed and contains information that is private and confidential. If you are not the intended recipient you are hereby notified that any dissemination, distribution or copying is strictly prohibited. If you have received this e-mail in error please delete it immediately and advise us by return e-mail to [EMAIL PROTECTED] * -Original Message- From: Paul Giesenhagen [mailto:[EMAIL PROTECTED] Sent: Thursday, February 27, 2003 1:03 PM To: CF-Talk Subject: Re: Logging out of application I am not sure if this will work but try CFHEADER cfheader name=location value = someurl.html cfheader statusCode = 302 statusText = Document Moved. Let us know Thanks Paul Giesenhagen QuillDesign - Original Message - From: FlashGuy [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Thursday, February 27, 2003 11:58 AM Subject: Logging out of application HI, I have a logout button in my application. When clicked I want to sent the user back to the login screen. This works just fine. The problem I'm having is if I click on the back button in IE I'm able to go back to that page. I don't want this to happen. How can I clear all session varaibles etc.? This is what I have in my logout.cfm file: cfif IsDefined(Cookie.CFID) AND IsDefined(Cookie.CFTOKEN) cfset localCFID = Cookie.CFID cfset localCFToken = Cookie.CFTOKEN cfcookie name=CFID value=#localCFID# cfcookie name=CFTOKEN value=#localCFTOKEN# /cfif CFLOCATION URL=/website/secure/index.htm The index.htm is my login (authentication) template. --- Colonel Nathan R. Jessop Commanding Officer Marine Ground Forces Guatanamo Bay, Cuba --- ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribeforumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Logging out of application
THis would go into the top of my logoff.cfm file? I tried it and I can still click the IE back button and go back the the previous template. This would need to go into each page that is currently being cached by the browser, that you don't want the user to be able to see after logging out; when you click the back button, the browser is simply retrieving the last page from its cache. However, since all they'd be seeing is what's in the cache, you typically don't really have to worry about this. So what if they see a cached page they saw a few minutes earlier? What's important, typically, is that they can't rerun the page on the server. For example, if they click on a link from the cached page that goes to another page on the server that isn't cached by the browser, they should be forced to login again. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444 ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribeforumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Logging out of application
On Thu, 27 Feb 2003 13:32:12 -0500, Dave Watts wrote: THis would go into the top of my logoff.cfm file? I tried it and I can still click the IE back button and go back the the previous template. This would need to go into each page that is currently being cached by the browser, that you don't want the user to be able to see after logging out; when you click the back button, the browser is simply retrieving the last page from its cache. However, since all they'd be seeing is what's in the cache, you typically don't really have to worry about this. So what if they see a cached page they saw a few minutes earlier? What's important, typically, is that they can't rerun the page on the server. For example, if they click on a link from the cached page that goes to another page on the server that isn't cached by the browser, they should be forced to login again. Correct. I never tried that. Thats what I want. Thanks Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444 ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribeforumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Logging out of application
You know that you don't need to get the structKeyList before the loop, right? You can do this instead: cfloop item=key collection=#session# === Raymond Camden, ColdFusion Jedi Master for Mindseye, Inc Member of Team Macromedia Email: [EMAIL PROTECTED] Blog : www.camdenfamily.com/morpheus/blog Yahoo IM : morpheus My ally is the Force, and a powerful ally it is. - Yoda -Original Message- From: Joshua Miller [mailto:[EMAIL PROTECTED] Sent: Thursday, February 27, 2003 12:24 PM To: CF-Talk Subject: RE: Logging out of application This is what I do on the Logout page: CFIF NOT StructISEmpty(SESSION) CFSET safelist = List,Of,Variables,To,Leave,Intact CFSET keysToStruct = StructKeyList(SESSION,,) !--- Kill SESSION Variables --- CFLOOP INDEX=ListElement LIST=#keysToStruct# CFIF ListContainsNoCase(safelist,ListElement,,) CFSET tmp=#StructDelete(SESSION,#ListElement#,TRUE)# /CFIF /CFLOOP !--- Kill SESSION Variables --- !--- Relocate --- cfoutputscriptdocument.location.href=#attributes.relocate #;/scrip t/cfoutput !--- Relocate --- /CFIF Joshua Miller Head Programmer / IT Manager Garrison Enterprises Inc. www.garrisonenterprises.net [EMAIL PROTECTED] (704) 569-9044 ext. 254 ** ** * Any views expressed in this message are those of the individual sender, except where the sender states them to be the views of Garrison Enterprises Inc. This e-mail is intended only for the individual or entity to which it is addressed and contains information that is private and confidential. If you are not the intended recipient you are hereby notified that any dissemination, distribution or copying is strictly prohibited. If you have received this e-mail in error please delete it immediately and advise us by return e-mail to [EMAIL PROTECTED] ** ** * -Original Message- From: Paul Giesenhagen [mailto:[EMAIL PROTECTED] Sent: Thursday, February 27, 2003 1:03 PM To: CF-Talk Subject: Re: Logging out of application I am not sure if this will work but try CFHEADER cfheader name=location value = someurl.html cfheader statusCode = 302 statusText = Document Moved. Let us know Thanks Paul Giesenhagen QuillDesign - Original Message - From: FlashGuy [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Thursday, February 27, 2003 11:58 AM Subject: Logging out of application HI, I have a logout button in my application. When clicked I want to sent the user back to the login screen. This works just fine. The problem I'm having is if I click on the back button in IE I'm able to go back to that page. I don't want this to happen. How can I clear all session varaibles etc.? This is what I have in my logout.cfm file: cfif IsDefined(Cookie.CFID) AND IsDefined(Cookie.CFTOKEN) cfset localCFID = Cookie.CFID cfset localCFToken = Cookie.CFTOKEN cfcookie name=CFID value=#localCFID# cfcookie name=CFTOKEN value=#localCFTOKEN# /cfif CFLOCATION URL=/website/secure/index.htm The index.htm is my login (authentication) template. --- Colonel Nathan R. Jessop Commanding Officer Marine Ground Forces Guatanamo Bay, Cuba --- ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribeforumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Logging out of application
Thanks Raymond, that'll help speed things up! Joshua Miller Head Programmer / IT Manager Garrison Enterprises Inc. www.garrisonenterprises.net [EMAIL PROTECTED] (704) 569-9044 ext. 254 * Any views expressed in this message are those of the individual sender, except where the sender states them to be the views of Garrison Enterprises Inc. This e-mail is intended only for the individual or entity to which it is addressed and contains information that is private and confidential. If you are not the intended recipient you are hereby notified that any dissemination, distribution or copying is strictly prohibited. If you have received this e-mail in error please delete it immediately and advise us by return e-mail to [EMAIL PROTECTED] * -Original Message- From: Raymond Camden [mailto:[EMAIL PROTECTED] Sent: Thursday, February 27, 2003 2:07 PM To: CF-Talk Subject: RE: Logging out of application You know that you don't need to get the structKeyList before the loop, right? You can do this instead: cfloop item=key collection=#session# === Raymond Camden, ColdFusion Jedi Master for Mindseye, Inc Member of Team Macromedia Email: [EMAIL PROTECTED] Blog : www.camdenfamily.com/morpheus/blog Yahoo IM : morpheus My ally is the Force, and a powerful ally it is. - Yoda -Original Message- From: Joshua Miller [mailto:[EMAIL PROTECTED] Sent: Thursday, February 27, 2003 12:24 PM To: CF-Talk Subject: RE: Logging out of application This is what I do on the Logout page: CFIF NOT StructISEmpty(SESSION) CFSET safelist = List,Of,Variables,To,Leave,Intact CFSET keysToStruct = StructKeyList(SESSION,,) !--- Kill SESSION Variables --- CFLOOP INDEX=ListElement LIST=#keysToStruct# CFIF ListContainsNoCase(safelist,ListElement,,) CFSET tmp=#StructDelete(SESSION,#ListElement#,TRUE)# /CFIF /CFLOOP !--- Kill SESSION Variables --- !--- Relocate --- cfoutputscriptdocument.location.href=#attributes.relocate #;/scrip t/cfoutput !--- Relocate --- /CFIF Joshua Miller Head Programmer / IT Manager Garrison Enterprises Inc. www.garrisonenterprises.net [EMAIL PROTECTED] (704) 569-9044 ext. 254 ** ** * Any views expressed in this message are those of the individual sender, except where the sender states them to be the views of Garrison Enterprises Inc. This e-mail is intended only for the individual or entity to which it is addressed and contains information that is private and confidential. If you are not the intended recipient you are hereby notified that any dissemination, distribution or copying is strictly prohibited. If you have received this e-mail in error please delete it immediately and advise us by return e-mail to [EMAIL PROTECTED] ** ** * -Original Message- From: Paul Giesenhagen [mailto:[EMAIL PROTECTED] Sent: Thursday, February 27, 2003 1:03 PM To: CF-Talk Subject: Re: Logging out of application I am not sure if this will work but try CFHEADER cfheader name=location value = someurl.html cfheader statusCode = 302 statusText = Document Moved. Let us know Thanks Paul Giesenhagen QuillDesign - Original Message - From: FlashGuy [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Thursday, February 27, 2003 11:58 AM Subject: Logging out of application HI, I have a logout button in my application. When clicked I want to sent the user back to the login screen. This works just fine. The problem I'm having is if I click on the back button in IE I'm able to go back to that page. I don't want this to happen. How can I clear all session varaibles etc.? This is what I have in my logout.cfm file: cfif IsDefined(Cookie.CFID) AND IsDefined(Cookie.CFTOKEN) cfset localCFID = Cookie.CFID cfset localCFToken = Cookie.CFTOKEN cfcookie name=CFID value=#localCFID# cfcookie name=CFTOKEN value=#localCFTOKEN# /cfif CFLOCATION URL=/website/secure/index.htm The index.htm is my login (authentication) template. --- Colonel Nathan R. Jessop Commanding Officer Marine Ground Forces Guatanamo Bay, Cuba
Re: Logging out of application
Andy, Should the value of Expires not be in the following format Tue, 04 Jan 1994 14:13:25 GMT ? Just a thought.. - Original Message - From: Andy Ousterhout [EMAIL PROTECTED] To: CF-Talk [EMAIL PROTECTED] Sent: Friday, February 28, 2003 4:17 AM Subject: RE: Logging out of application Here is what I use... !--- Sets the document to expire now. Should clear out the cached version and force a reload--- CFHEADER NAME=Expires VALUE=Now() !--- On HTTP version 1.0 servers, stops the browser and/or proxy from caching the document. Does not work on 1.1 servers --- CFHEADER NAME=Pragma VALUE=no-cache !--- On HTTP version 1.1 servers, stops the browser and/or proxy from caching the document. Also forces form elements to be re-examined.--- CFHEADER NAME=cache-control VALUE=no-cache, no-store, must-revalidate -Original Message- From: FlashGuy [mailto:[EMAIL PROTECTED] Sent: Thursday, February 27, 2003 11:59 AM To: CF-Talk Subject: Logging out of application HI, I have a logout button in my application. When clicked I want to sent the user back to the login screen. This works just fine. The problem I'm having is if I click on the back button in IE I'm able to go back to that page. I don't want this to happen. How can I clear all session varaibles etc.? This is what I have in my logout.cfm file: cfif IsDefined(Cookie.CFID) AND IsDefined(Cookie.CFTOKEN) cfset localCFID = Cookie.CFID cfset localCFToken = Cookie.CFTOKEN cfcookie name=CFID value=#localCFID# cfcookie name=CFTOKEN value=#localCFTOKEN# /cfif CFLOCATION URL=/website/secure/index.htm The index.htm is my login (authentication) template. --- Colonel Nathan R. Jessop Commanding Officer Marine Ground Forces Guatanamo Bay, Cuba --- ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribeforumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4