Re: cflogin tag and the browser back button

Rebecca Wells Wed, 23 Mar 2005 16:54:26 -0800

So, am I the only one who has this problem? If so, could somebody please put me 
straight.


> I have tried all that and still have the same problem. 
> 
> In the Application.cfm file:
   
> <cfif IsDefined("url.logout")>
>       <cflocation url="logout.cfm" addtoken="No">
   
> </cfif>
   
> <cfinclude template="act_login.cfm">
> 
> In the logout.cfm file:
   
> <cflogout>
   
> <cfheader name="Expires" value="#Now()#">
   
> <cfheader name="Pragma" value="no-cache">
   
> <cfheader name="Cache-Control" value="no-cache, no-store, 
> must-revalidate">
   
> <cfcookie name="CFID" expires="now">
   
> <cfcookie name="CFTOKEN" expires="now">
   
> <cfcookie name="JSESSIONID" expires="now">
   
> <cfset StructClear(Session)>
   
> <cfif isdefined('cflogin')>
>       <cfset StructClear(cflogin)>
   
> </cfif>
   
> <cfif structKeyExists(form,"LoginForm")>
>       <cfset StructClear(Form)>
   
> </cfif>
   
> <cflocation url="index.cfm" addtoken="No">
> 
> And in the act_login.cfm page:
   
> <!--- Idle timeout in seconds. matches session timeout in 
> cfapplication --->
   
> <cflogin idletimeout=#Ltimeout#>
> 
   
> <cfif NOT IsDefined("cflogin")>
>       <cfinclude template="dsp_loginform.cfm">
>       <cfabort>
   
> <cfelse>
>       <cfif structKeyExists(form,"LoginForm")>
>               <!--- If variables.authenticated is not empty, user is valid. 
> --->
>               <cfif form.J_USERNAME neq "test" or form.J_PASSWORD neq "test">
>                       <cfinclude template="dsp_loginform.cfm">
>                       <cfabort>
>               <cfelse>
>                       <cfloginuser name="#cflogin.Name#" 
> password="#cflogin.password#" 
> roles="">
>               </cfif>
>       <cfelse>
>               <cfinclude template="dsp_loginform.cfm">
>               <cfabort>
>       </cfif>
   
> </cfif>
   
> </cflogin>
> 
> I made sure that the non-caching code was in the head section of the 
> display pages. The back button will still get me logged back in after 
> I've logged out.
> 
> 
> 
> >Once they have logged out, redirect them to the sign-in page using
> >CFLOCATION or a javascipt redirect.  That will clear the form
> >submission. 
> >
> >Then, on each page request, you need to instruct the browser not to 
> use
> >the cached copies of the pages.
> >
> >I just posted some non-caching code this morning, but I don't 
> remember
> >which newsgroup it was, this or cf-community or the cfc list.
> >
>M!ke

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Find out how CFTicket can increase your company's customer support 
efficiency by 100%
http://www.houseoffusion.com/banners/view.cfm?bannerid=49

Message: http://www.houseoffusion.com/lists.cfm/link=i:4:199846
Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4
Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Donations & Support: http://www.houseoffusion.com/tiny.cfm/54

Re: cflogin tag and the browser back button

Reply via email to