LogOut Issue

Report · Apr 23, 2014

Hi

When i logout from my index Page then Login Page Open but when i click on back button in Browser Then Index Page open. I want once logout then not open other when clik on back button in Browser page like facebook..

I add my code Follow:

Application.cfc

</cfif>

</cfif>

</cflogin>

</cffunction>

</cfcomponent>

index.cfm

<!DOCTYPE html>

<html>

<head>

<title>

Untitled Document

</title>

</head>

<body>

<h3>

Welcome to Photo Gallary.....

</h3>

<a href="logout.cfm">Logout</a>

</body>

</html>

login.cfm

<!DOCTYPE html>

<html>

<head>

<meta

http-equiv="Content-Type" content="text/html"; charset="utf-8"/>

<title>

Untitled Document

</title>

</head>

<body>

<tr>

<td>

User Name:

</td>

<td>

</td>

</tr>

<tr>

<td>

Password:

</td>

<td>

</td>

</tr>

<tr>

<td>

</td>

</tr>

</table>

</cfform>

<cfoutput>#request.errorMessage#</cfoutput>

</p>

</cfif>

</body>

</html>

logout.cfm

Report · May 05, 2014

Done it above you say.....

this.sessionTimeOut = createTimeSpan(0,0,20,0);

if(current_page is "index.cfm" AND (isDefined("session.pageLastVisited") and session.pageLastVisited is "login.cfm"))

if(structKeyExists(form, "login") AND structKeyExists(form, "username") AND structKeyExists(form, "password"))

if(form.username EQ "admin" AND form.password EQ "password")

if(NOT session.loggedin AND NOT find("login.cfm", arguments.req))

if(NOT structIsEmpty(form) AND NOT structKeyExists(form, "login"))

if(session.loggedin AND structKeyExists(session, "formData") and isJSON(session.formData))

Still not work it.....

Not Work means when logout and click back button then the previous page(index.cfm) will open.....

Now????

Report · May 05, 2014

Try these 3 meta tags for preventing caching. View the page source to confirm the meta tags are arriving at the browser.

index.cfm

<!DOCTYPE html>

<html>

<head>

<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate">

<meta http-equiv="Pragma" content="no-cache">

<meta http-equiv="Expires" content="0">

<title>

Untitled Document

</title>

</head>

<body>

<h3>

Welcome to Photo Gallary.....

</h3>

<a href="logout.cfm">Logout</a>

</body>

</html>

Report · May 05, 2014

Please show us the current code of login.cfm and logout.cfm.

Report · May 05, 2014

login.cfm

<h2>Please Login</h2>

<p>Use admin and password for your username and password.</p>

<p>You didn't enter the right credentials!</p>

</cfif>

username: <input type="text" name="username"><br/>

password: <input type="password" name="password"><br/>

</form>

logout.cfm

Report · May 05, 2014

Thanks. Expect me back in a moment.

Report · May 05, 2014

Shraddha,

Strip the code down to its bare essentials, and you will find that the suggestion I gave you works. For example, put the following 4 files in the same directory. Then open index.cfm in the browser, and click on the 'Logout' link. You will arrive at login.cfm. Clicking on the browser's back button will not take you back to index.cfm.

Application.cfc

component {

this.name="logindemo";

this.applicationTimeout = createTimespan(1,0,0,0);

this.sessionManagement="true";

this.sessionTimeOut = createTimeSpan(0,0,20,0);

this.loginStorage = "session";

public boolean function onRequestStart(string targetPage)

{

var current_page = listLast(arguments.targetPage, "/");

if(current_page is "index.cfm" AND (isDefined("session.pageLastVisited") AND session.pageLastVisited is "login.cfm"))

{

location(url="login.cfm");

}

session.pageLastVisited = current_page;

return true;

}

index.cfm

<!DOCTYPE html>

<html>

<head>

<title>

Untitled Document

</title>

</head>

<body>

<h3>

Welcome to Photo Gallary.....

</h3>

<a href="logout.cfm">Logout</a>

</body>

</html>

login.cfm

<h2>Please Login</h2>

<p>Use admin and password for your username and password.</p>

<p>You didn't enter the right credentials!</p>

</cfif>

username: <input type="text" name="username"><br/>

password: <input type="password" name="password"><br/>

</form>

logout.cfm

Report · May 06, 2014

No its not work....When i open index.cfm in the browser, and click on the 'Logout' link. i will arrive at login.cfm. Clicking on the browser's back button will take me back to index.cfm...You can try it....

Report · May 06, 2014

I had tried it beforehand. It worked.

Nevertheless, following your comment, I tested the solution on 3 browsers. I can confirm what you found. By coincidence, it works on my default browser, Internet Explorer, but fails on Chrome and Firefox.

What about the following alternative? I have designed it such that, during testing, you have to wait only 10 seconds for the login to time out. (In normal use, set idletimeout to the value of sessiontimeout, that is, 1200 seconds, or set no value at all)

Application.cfc

component {

this.name="logindemo";

this.applicationTimeout = createTimespan(1,0,0,0);

this.sessionManagement="true";

this.sessionTimeOut = createTimeSpan(0,0,20,0);

this.loginStorage = "session";

public boolean function onRequestStart(string targetPage)

{

var current_page = listLast(arguments.targetPage, "/");

if(current_page is "index.cfm" AND getAuthUser() is "") // User not yet logged in

{

if (NOT IsDefined("form.login")) // No login form submitted

{

cfinclude (template="login.cfm"); abort;

}

else {

// Put authentication validation code here

cflogin (idletimeout="10") // To enable quick testing, set timeout temporarily at low value of 10 seconds

{

cfloginuser (name = "#form.username#", password = "#form.password#", roles = "admin");

}

return true;

}

Report · May 06, 2014

Its still not work i got error:

Variable CFLOGIN is undefined.


The error occurred in C:/ColdFusion10/cfusion/wwwroot/demo/Login/TestLogin/Application.cfc: line 41
41 : if(cflogin (idletimeout="10")) // To enable quick testing, set timeout temporarily at low value of 10 seconds 42 : { 43 : cfloginuser (name = "#cflogin.name#", password = "#cflogin.password#", roles = "admin");

Report · May 06, 2014

Variable CFLOGINUSER is undefined.


The error occurred in C:/ColdFusion10/cfusion/wwwroot/demo/Login/TestLogin/Application.cfc: line 43
43 : cfloginuser (name = "#cflogin.name#", password = "#cflogin.password#", roles = "admin");

Report · May 06, 2014

Sorry. That was in ColdFusion 11. Here is a more suitable syntax:

</cflogin>

</cfif>

</cffunction>

</cfcomponent>

Report · May 06, 2014

Still its not work....When i login and open index.cfm in the browser, and click on the 'Logout' link. i will arrive at login.cfm. Clicking on the browser's back button will take me back to index.cfm...You can try it....

Report · May 07, 2014

I have tested the latest code I gave you on Internet Explorer 11, Firefox 29 and Chrome. It works. When I press the back button, it does not take me back to index.cfm.

To test, use the latest version of Application.cfc (posted May 6, 2014 4:53 PM ). Use the following, new set of meta tags in index.cfm to prevent caching.

Report · May 07, 2014

Thanks for your reply...

I add this meta tag in index.cfm

You say use latest version of Application.cfc (posted May 6, 2014 4:53 PM ) ,But Application.cfc (posted May 6, 2014 4:53 PM ) its not exist.....

You mean you tell about Application.cfc(May 6, 2014 7:53 AM) , then i already use it....

But still not works......

Please Show me your code file.....(index.cfm,Application.cfc,login.cfm,logout.cfm)

Report · May 08, 2014

The forum site apparently takes account of time-zone, hence the difference in time. Anyway, put the following 4 files in the same directory, and test with them.

I have tested with these files on the latest versions of Internet Explorer, Firefox and Chrome. The code works as expected, in every case. After logout, the user cannot go back to index.cfm by means of the back button.

Application.cfc

</cflogin>

</cfif>

</cffunction>

</cfcomponent>

index.cfm

<!DOCTYPE html>

<html>

<head>

<!--- <meta http-equiv="cache-control" content="no-cache">

<!--- <meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate">

<title>

Untitled Document

</title>

</head>

<body>

<h3>

Welcome to Photo Gallary.....

</h3>

<p>User logged in: <cfoutput>#getAuthUser()#</cfoutput></p>

</cfif>

<a href="logout.cfm">Logout</a>

</body>

</html>

login.cfm

<h2>Please Login</h2>

<p>Use admin and password for your username and password.</p>

<p>You didn't enter the right credentials!</p>

</cfif>

username: <input type="text" name="username"><br/>

password: <input type="password" name="password"><br/>

</form>

logout.cfm

Report · May 12, 2014

Its not work on my platform...I don't know , why its not work????

After logout, the user can go back to index.cfm by means of the back button.

Report · May 12, 2014

We shall find out why. What browser do you test with? Could you also show us your test code for Application.cfc, index.cfm, login.cfm, and logout.cfm?

Report · May 12, 2014

Browser:Google Chrome

Coldfusion Builder2

Coldfusion10

Application.cfc

</cflogin>

</cfif>

</cffunction>

</cfcomponent>

index.cfm

<!DOCTYPE html>

<html>

<head>

<!--- <meta http-equiv="cache-control" content="no-cache">

<!--- <meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate">

<title>

Untitled Document

</title>

</head>

<body>

<h3>

Welcome to Photo Gallary.....

</h3>

<p>User logged in: <cfoutput>#getAuthUser()#</cfoutput></p>

</cfif>

<a href="logout.cfm">Logout</a>

</body>

</html>

login.cfm

<h2>Please Login</h2>

<p>Use admin and password for your username and password.</p>

<p>You didn't enter the right credentials!</p>

</cfif>

username: <input type="text" name="username"><br/>

password: <input type="password" name="password"><br/>

</form>

logout.cfm

Report · May 12, 2014

My test works on Chrome. My current test files are the same as yours, excepting index.cfm. My index.cfm is as follows:

<!DOCTYPE html>

<html>

<head>

<title>

Untitled Document

</title>

</head>

<body>

<h3>

Welcome to Photo Gallary.....

</h3>

<p>User logged in: <cfoutput>#getAuthUser()#</cfoutput></p>

</cfif>

<p><a href="logout.cfm">Logout</a></p>

</body>

</html>

In my test, I start by opening index.cfm in Chrome. The page shows no logged in user. I click on the link Logout.

That takes me to the page login.cfm. I log in with username BKBK and password 12345, and click on the Login button.

That opens the page index.cfm. I can see that BKBK is now logged in. I then click on the Logout link.

The page login.cfm opens.

When I click on the back button, Chrome displays an error page.

Report · Jul 16, 2014

BKBK wrote:

My test works on Chrome.

When I click on the back button, Chrome displays an error page.

When you press F5/Refresh the webpage you will be shown as User Logged in:BKBK once againn. Because browser stores the past requests in history and if the past request is a POST it asks you whether to resubmit the form with the stored past post request. This is common browser behavior. So, need to perform : Post + Redirect to self

Form on Page1 posts the data to Page2, Page2 processes the data and does what needs to be done, and then it does a HTTP redirect on itself. This way the last "action" the browser remembers is a simple GET on page2, so the form is not being resubmitted upon F5.

http://en.wikipedia.org/wiki/Post/Redirect/Get

http://stackoverflow.com/questions/3923904/preventing-form-resubmission

I know this is quite an old thread however I am a follower of your BKBK. Need your inputs/suggestions!!!

Thanks

VJ

Report · Jul 16, 2014

Vishu#13 wrote:

When you press F5/Refresh the webpage you will be shown as User Logged in:BKBK once againn. Because browser stores the past requests in history and if the past request is a POST it asks you whether to resubmit the form with the stored past post request. This is common browser behavior. So, need to perform : Post + Redirect to self

Form on Page1 posts the data to Page2, Page2 processes the data and does what needs to be done, and then it does a HTTP redirect on itself. This way the last "action" the browser remembers is a simple GET on page2, so the form is not being resubmitted upon F5.

http://en.wikipedia.org/wiki/Post/Redirect/Get

http://stackoverflow.com/questions/3923904/preventing-form-resubmission

Thanks, Vishu. What you describe actually confirms my point. The issue is that Shraddha was unable in her test to get the browser to behave in the way you and I have observed.

Report · May 11, 2014

<meta http-equiv="Content-Type" content="text/html"; charset="utf-8"/>

This is a mistake that has been repeated ever since the beginning. Correct is:

LogOut Issue

1 Correct answer

Variable CFLOGIN is undefined.

Variable CFLOGINUSER is undefined.