I'm using CFML on my application. I need help with developing a logout operation that destroys a session. For now, on the logout link I'm calling the login page that's how when the BACK Button on the browser is clicked the user is still logged in. <!---authenticationService.cfc---> <cfcomponent> <!---validateUser() Method---> <cffunction name="validateUser" access="public" output="false" returntype="array"> <cfargument name="userEmail" type="string" required="true" /> <cfargument name="userPassword" type="string" required="true" /> <cfset var aErrorMessages=ArrayNew(1) /> <!---Validate the email---> <cfif NOT isValid('email',arguments.userEmail)> <cfset arrayAppend(aErrorMessages,'Please,provide a valid email address') /> </cfif> <!---Validating the Password---> <cfif arguments.userPassword EQ ''> <cfset arrayAppend(aErrorMessages,'Please, provide a password') /> </cfif> <cfreturn aErrorMessages /> </cffunction> <!---doLogin() Method---> <cffunction name="doLogin" access="public" output="false" returntype="boolean"> <cfargument name="userEmail" type="string" required="true" /> <cfargument name="userPassword" type="string" required="true" /> <!---create the isUserLoggedIn variable---> <cfset var isUserLoggedIn=false /> <!---get the user data from the database---> <cfquery datasource="myapp" name="getInfo"> select * from Info where emailid='#form.userEmail#' and password='#form.userPassword#' </cfquery> <!---Check if the query returns one and only one user---> <cfif getInfo.recordcount eq 1 > <!--- log the user in ---> <cflogin> <cfloginuser name="#getInfo.username#" password="#getInfo.password#" roles="#getInfo.role#"> </cflogin> <!--- save user data in session scope ---> <cfset session.stLoggedInUser={'userFirstName'=getInfo.username} /> <!---change the isUserLoggedIn variable to true---> <cfset var isUserLoggedIn=true /> </cfif> <!---return the isUserLoggedIn variable ---> <cfreturn isUserLoggedIn /> </cffunction> <!---doLogout() Method---> <cffunction name="doLogout" access="public" output="false" returntype="any"> <!---delete user from session scope---> <cfset structDelete(session,'stLoggedInUser') /> <!---log the user out---> <cflogout /> </cffunction> </cfcomponent> <!---LoginForm.cfm---> <!---Handle the logout---> <cfif structKeyExists(URL,'logout')> <cfset createObject("component",'authenticationService').doLogout() /> </cfif> <!---Form processing begins here---> <cfif structkeyExists(form,'submitLogin')> <!---Create an instane of the authenticate service component---> <cfset authenticationService=createObject("component",'authenticationService') /> <!---Server side data validation---> <cfset aErrorMessages=authenticationService.validateUser(form.userEmail,form.userPassword)> <cfif ArrayisEmpty(aErrorMessages)> <!---Proceed to the login procedure ---> <cfset isUserLoggedIn=authenticationService.doLogin(form.userEmail,form.userPassword) > </cfif> </cfif> <!---Form processing ends here---> <cfform> <fieldset> <legend>Login</legend> <cfif structKeyExists(variables,'aErrorMessages') AND NOT ArrayIsEmpty(aErrorMessages)> <cfoutput> <cfloop array="#aErrorMessages#" index="message" > <p >#message#</p> </cfloop> </cfoutput> </cfif> <cfif structKeyExists(variables,'isUserLoggedIn') AND isUserLoggedIn EQ false> <p class="errorMessage">User not found.Please try again!</p> </cfif> <cfif structKeyExists(session,'stLoggedInUser')> <!---display a welcome message---> <p><cfoutput>Welcome #session.stLoggedInUser.userFirstName# </cfoutput> <p><a href='#'>My profile</a><a href="LoginForm.cfm?logout">Logout</a></p> <cfelse> <dl> <dt> <label for="userEmail">Email address</label> </dt> <dd> <cfinput type="email" name="userEmail" required="true" > </dd> <dt> <label for="userEmail">Password</label> </dt> <dd> <cfinput type="password" name="userPassword" required="true" > </dd> </dl> <cfinput type="submit" name="submitLogin" value="Login" /> </fieldset> </cfif> </cfform> <cfdump var="#session#">
... View more