• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

LogOut Issue

New Here ,
Apr 23, 2014 Apr 23, 2014

Copy link to clipboard

Copied

Hi

    When i logout from my index Page then Login Page Open but when i click on back button in Browser Then  Index Page open. I want once logout then not open other when clik on back button in Browser page like facebook..

I add my code Follow:

Application.cfc

<cfcomponent>

          <cfset this.datasource = "TestingDataSource">

 

          <cffunction name="onRequest">

                    <cfargument name="templatename"/>

                    <cflogin>

                              <cfif isdefined("form.submit")>

                                        <cfif form.username is "admin" and form.password is "admin">

                                                  <cfloginuser name="#form.username#" password="#form.password#" roles="admin">

                                        <cfelse>

                                                  <cfset request.errorMessage = "Incorrect Login,Please try again..">

                                                  <cfinclude template="login.cfm">

                                                  <cfreturn>

                                        </cfif>

                              <cfelse>

                                        <cfinclude template="login.cfm">

                                        <cfreturn>

                              </cfif>

                    </cflogin>

                    <cfinclude template="#arguments.templatename#" >

          </cffunction>

 

</cfcomponent>


index.cfm

<!DOCTYPE html>

<html>

          <head>

                    <meta http-equiv="Content-Type" content="text/html"; charset="utf-8"/>

                    <title>

                              Untitled Document

                    </title>

          </head>

          <body>

                    <h1>Home Page</h1>

                    <h3>

                              Welcome to Photo Gallary.....

                    </h3>

                    <a href="logout.cfm">Logout</a>

          </body>

</html>

login.cfm

<!DOCTYPE html>

<html>

          <head>

                    <meta

                    

                    http-equiv="Content-Type" content="text/html"; charset="utf-8"/>

                    <title>

                              Untitled Document

                    </title>

          </head>

          <body>

                    <cfform>

                              <table width="500" border="0">

                                        <tr>

                                                  <td>

                                                            User Name:

                                                  </td>

                                                  <td>

                                                            <cfinput name="username" type="text" required="yes" message="Please enter Username"/>

                                                  </td>

                                        </tr>

                                        <tr>

                                                  <td>

                                                            Password:

                                                  </td>

                                                  <td>

                                                            <cfinput name="password" type="password" required="yes" message="Please enter password"/>

                                                  </td>

                                        </tr>

                                        <tr>

                                                  <td>

                                                            <cfinput type="submit" name="submit" value="submit">

                                                  </td>

                                        </tr>

                              </table>

                    </cfform>

                    <cfif isdefined("request.errorMessage")>

                              <p style="color:red">

                                        <cfoutput>#request.errorMessage#</cfoutput>

                              </p>

                    </cfif>

          </body>

</html>

logout.cfm

<cflogout>

<cflocation url="login.cfm" >



Views

27.1K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Community Expert , May 07, 2014 May 07, 2014

I have tested the latest code I gave you on Internet Explorer 11, Firefox 29 and Chrome. It works. When I press the back button, it does not take me back to index.cfm.

To test, use the latest version of Application.cfc (posted May 6, 2014 4:53 PM ). Use the following, new set of meta tags in index.cfm to prevent caching.

<meta http-equiv="cache-control" content="max-age=0" />

<meta http-equiv="cache-control" content="no-cache" />

<meta http-equiv="expires" content="0" />

<meta http-equiv="expires" co

...

Votes

Translate

Translate
Community Expert ,
Apr 23, 2014 Apr 23, 2014

Copy link to clipboard

Copied

Just 2 things. 1) The login code in onRequest would probably be better placed in onRequestStart. 2) The behaviour you observe is as expected. As a result of the cflocation, the browser thinks the visitor of login.cfm came from index.cfm. Anyway, it is generally considered bad practice to prevent the user from using the browser's back-button to go back. However, if you insist, google disable browser back button and you will find useful Javascript suggestions.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Apr 23, 2014 Apr 23, 2014

Copy link to clipboard

Copied

Only google disable browser back button i can do this ya any other way to solve it? like by using session...In starting assisgn value in session and after logout destroy session like this ,if you have demo then please give me code...

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Apr 24, 2014 Apr 24, 2014

Copy link to clipboard

Copied

It is futile to try to control the bowser's back-button from the server. Controlling the behaviour of the browser is, in general, a matter for the browser, not for the ColdFusion server.

Button behaviour and navigation are among the decisions that the browser can make independently of the server. One notable example is that the browser may decide to serve a cached version of a page, rather than make a new trip to the server. So any booby-traps or cunning decoys you set for it would just be for nothing. That is why most developers implement such functionalities in Javascript.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Apr 25, 2014 Apr 25, 2014

Copy link to clipboard

Copied

Hi

    I dont want to apply disable browser back button...Have you  any other way to solve it?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Apr 26, 2014 Apr 26, 2014

Copy link to clipboard

Copied

As far as I can see, there is not much use in using the browser to prevent a logged out user from going back to index.cfm. This is all about authentication, so I think it is a server issue anyway. I can think of one consistent piece of server logic for that.

It makes sense to display the logout link only if the user is logged in. You could therefore test for this.

You could also check whether the user is already logged in, in deciding whether or not to display the login page. Both tests can be done by means of getAuthUser().

If the user has logged out or is not yet logged in, then getAuthUser() will be an empty string. For a user currently logged in, getAuthUser() returns the value of the name attribute of the cfloginuser tag.

Putting it all together, you should get something like:

<cffunction name="onRequestStart">

                     <cfargument name = "targetPage" type="String" required="true">

                    <cflogin>

                              <cfif isdefined("form.submit")>

                                        <cfif form.username is "admin" and form.password is "admin">

                                                  <cfloginuser name="#form.username#" password="#form.password#" roles="admin">

                                        <cfelse>

                                                  <cfset request.errorMessage = "Incorrect Login,Please try again..">

                                                  <cfinclude template="login.cfm">

                                                 <cfabort>

                                        </cfif>

                              <cfelseif getAuthUser() is "">

                                        <cfinclude template="login.cfm">

                                       <cfabort>

                              </cfif>

                    </cflogin>

          </cffunction>

index.cfm

<!DOCTYPE html>

<html>

etc., etc

  <cfif NOT (getAuthUser() is "")>

        <a href="logout.cfm">Logout</a>

</cfif>

</body>

</html>

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Apr 27, 2014 Apr 27, 2014

Copy link to clipboard

Copied

Hi, 

    I add code in my app according you above say for (check whether the user is already logged in, in deciding whether or not to display the login page.).But its not solve my above issue,

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Apr 29, 2014 Apr 29, 2014

Copy link to clipboard

Copied

Shraddha Prajapati wrote:

Hi, 

    I add code in my app according you above say for (check whether the user is already logged in, in deciding whether or not to display the login page.).But its not solve my above issue,

The code is not meant to solve the issue of going from login.cfm to index.cfm using the back-button. It is meant to make the issue irrelevant.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Apr 29, 2014 Apr 29, 2014

Copy link to clipboard

Copied

BKBK wrote:

index.cfm

<!DOCTYPE html>

<html>

etc., etc

  <cfif NOT (getAuthUser() is "")>

        <a href="logout.cfm">Logout</a>

</cfif>

</body>

</html>

Even better:

index.cfm

<!DOCTYPE html>

<html>

etc., etc

<cfif getAuthUser() is "">

        <a href="login.cfm">Login</a>

</cfelse>

        <a href="logout.cfm">Logout</a>

</cfif>

</body>

</html>

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Apr 29, 2014 Apr 29, 2014

Copy link to clipboard

Copied

Its not work.... I want once logout then not open other Page(Prev  Page) , open Login Page ,when clik on back button in Browser ,   like facebook..

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Apr 30, 2014 Apr 30, 2014

Copy link to clipboard

Copied

We are now back to where we started. If you must, you should do it in Javascript.

If you insist on doing it at the server, start by telling the browser not to cache index.cfm (the page you don't want to be opened by back button).

index.cfm

<html>

<head>

<!--- Tell browser not to cache this page, and to make fresh request of page each time --->

<meta http-equiv="cache-control" content="no-cache">

<meta http-equiv="expires" content="Mon, 22 jul 2002 11:12:01 GMT"><!---Time in the past--->

</head>

Suppose a user requests index.cfm. If his last requested page is login.cfm, you want ColdFusion to send him back to the login page. Implement that logic in onRequestStart.

<cffunction name="onRequestStart">

    <cfargument name = "targetPage" type="String" required="true">

    <cfset current_page = listLast(arguments.targetPage, "/")>

    <cfif current_page is "index.cfm" and (isDefined("session.pageLastVisited") and session.pageLastVisited is "login.cfm")>

        <cflocation url="login.cfm">

    </cfif>

    <cfset session.pageLastVisited = current_page>

</cffunction>

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Apr 30, 2014 Apr 30, 2014

Copy link to clipboard

Copied

I got the error:

The web site you are accessing has experienced an unexpected error.
Please contact the website administrator.


The following information is meant for the website developer for debugging purposes.
Error Occurred While Processing Request

The requested scope session has not been enabled.

Before session variables can be used, the session state management system must be enabled using the cfapplication tag.
The error occurred in C:/ColdFusion10/cfusion/wwwroot/demo/demo1/Login3/Application.cfc: line 26

  25 :<cfset current_page = listLast(arguments.targetPage, "/")>

26 :    <cfif current_page is "index.cfm" and (isDefined("session.pageLastVisited") and session.pageLastVisited is "login.cfm")>

27 :    <cflocation url="login.cfm"> 28 :          </cfif>


Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 01, 2014 May 01, 2014

Copy link to clipboard

Copied

What you have to do is clear. Start the Application.cfc file with something like

<cfcomponent>

<cfset this.name = "Shraddha1">

<cfset this.datasource = "TestingDataSource">

<cfset this.applicationTimeout = "#createTimespan(1,0,0,0)#">

<cfset this.sessionManagement = "true">

<cfset this.sessionTimeout = "#createTimeSpan(0,0,20,0)#">

<cfset this.loginStorage = "session">

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 01, 2014 May 01, 2014

Copy link to clipboard

Copied

Please confirm what suggestions you have used before asking further questions. It would help the forum give you even better suggestions.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
May 01, 2014 May 01, 2014

Copy link to clipboard

Copied

Forget this...I am very confused in this...And also its no work....

Plz Give me the code of your  demo of login Example, With Applicatio.cfc,login.cfm,index.cfm,logout.cfm Page..(Simple Demo with session and  check whether the user is already logged in, in deciding whether or not to display the login page and solve with browser back button)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 01, 2014 May 01, 2014

Copy link to clipboard

Copied

The tips I have given you so far should work. It of course depends on how you implemented them. Could you show us your files: Application.cfc, login.cfm, index.cfm, and logout.cfm.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
May 01, 2014 May 01, 2014

Copy link to clipboard

Copied

Ok I give you my another login  example code:

Application.cfc

component {

          this.name="logindemo";

          this.sessionManagement="true";

          this.sessionTimeOut = createTimeSpan(0,0,0,15);

          public boolean function onRequestStart(string req)

          {

                    var append = "";

                    var togo = "";

                    //handle an authentication

                    if(structKeyExists(form, "login") && structKeyExists(form, "username") && structKeyExists(form, "password")) {

                              if(form.username == "admin" && form.password == "password") {

                                        session.loggedin = true;

                                        if(structKeyExists(session, "requestedurl")) {

                                                  togo = session.requestedurl;

                                                  structDelete(session, "requestedurl");

                                                  location(url=togo, addtoken=false);

                                        }

                              } else {

                                        append = "?error=1";

                              }

                    }

                    //force login if not authenticated

                    if(!session.loggedin && !find("login.cfm", arguments.req)) {

                              session.requestedurl = arguments.req & "?" & cgi.query_string;

                              if(!structIsEmpty(form)  && !structKeyExists(form, "login")) session.formdata = serializeJSON(form);

                              location(url='login.cfm#append#',addtoken=false);

                    }

                    //Got Form?

                    if(session.loggedin && structKeyExists(session, "formData") and isJSON(session.formData)) {

                              structAppend(form,deserializeJSON(session.formData));

                              structDelete(session, "formData");

                    }

                    return true;

          }

          public void function onSessionStart() {

                    session.loggedin=false;

          }

}

login.cfm

<h2>Please Login</h2>

<p>Use admin and password for your username and password.</p>

<cfif structKeyExists(url, "error")>

          <p>You didn't enter the right credentials!</p>

</cfif>

<form action="index.cfm" method="post">

username: <input type="text" name="username"><br/>

password: <input type="password" name="password"><br/>

<input type="submit" name="login" value="Login">

</form>

index.cfm

<!DOCTYPE html>

<html>

          <head>

                    <meta http-equiv="Content-Type" content="text/html"; charset="utf-8"/>

                    <!---<meta http-equiv="cache-control" content="no-cache">

                    <meta http-equiv="expires" content="Mon, 22 jul 2002 11:12:01 GMT"><!---Time in the past--->--->

                    <title>

                              Untitled Document

                    </title>

          </head>

          <body>

                    <h1>Home Page</h1>

                    <h3>

                              Welcome to Photo Gallary.....

                    </h3>

                    <a href="logout.cfm">Logout</a>

          </body>

</html>

logout.cfm

<cfset session.loggedin = "false">

<cflogout>

<cflocation url="login.cfm">

In this Example only one problem ,Browser back button issue....I dont want to disable it(Browser back button)..I want to find other way to solve it ....Once logout and click on Browser back button, then open only login page.....


Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 01, 2014 May 01, 2014

Copy link to clipboard

Copied

Shraddha Prajapati wrote:

Ok I give you my another login  example code:

You have changed to yet another example. This is what I advised you in a previous post to avoid. If you continue to add new parts to the code before correcting the existing code, you will generate a lot of complexity. That will make debugging difficult.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 01, 2014 May 01, 2014

Copy link to clipboard

Copied

You have not implemented the following suggestions I gave you:

1) define the application variables in Application.cfc (For example, I suggested a session timeout of 20 minutes. Your current value of 15 seconds is unrealistic.);

2) use meta tags in index.cfm to prevent caching;

3) use the variable session.pageLastVisited in onRequestStart to prevent the user going back to index.cfm.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
May 04, 2014 May 04, 2014

Copy link to clipboard

Copied

hi , I apply your above 3 suggestions in my new Demo:

index.cfm

<!DOCTYPE html>

<html>

  <head>

  <meta http-equiv="Content-Type" content="text/html"; charset="utf-8"/>

  <!--- Tell browser not to cache this page, and to make fresh request of page each time --->

  <meta http-equiv="cache-control" content="no-cache">

  <meta http-equiv="expires" content="Mon, 22 jul 2002 11:12:01 GMT"><!---Time in the past--->

  <title>

  Untitled Document

  </title>

  </head>

  <body>

  <h1>Home Page</h1>

  <h3>

  Welcome to Photo Gallary.....

  </h3>

  <a href="logout.cfm">Logout</a>

  </body>

</html>

Application.cfc

component {

  this.name="logindemo";

  this.datasource = "TestingDataSource";

  this.applicationTimeout = "#createTimespan(1,0,0,0)#";

  this.sessionManagement="true";

  this.sessionTimeOut = createTimeSpan(0,0,0,15);

  this.loginStorage = "session";

  public boolean function onRequestStart(string req)

  {

  var append = "";

  var togo = "";

  var targetPage="";

  current_page = listLast(targetPage, "/");

  if(current_page is "index.cfm" & (isDefined("session.pageLastVisited") and session.pageLastVisited is "login.cfm"))

  {

  location(url="login.cfm");

  }

  session.pageLastVisited = current_page;

  //handle an authentication

  if(structKeyExists(form, "login") && structKeyExists(form, "username") && structKeyExists(form, "password")) {

  if(form.username == "admin" && form.password == "password") {

  session.loggedin = true;

  if(structKeyExists(session, "requestedurl")) {

  togo = session.requestedurl;

  structDelete(session, "requestedurl");

  location(url=togo, addtoken=false);

  }

  } else {

  append = "?error=1";

  }

  }

  //force login if not authenticated

  if(!session.loggedin && !find("login.cfm", arguments.req)) {

  session.requestedurl = arguments.req & "?" & cgi.query_string;

  if(!structIsEmpty(form)  && !structKeyExists(form, "login")) session.formdata = serializeJSON(form);

  location(url='login.cfm#append#',addtoken=false);

  }

  //Got Form?

  if(session.loggedin && structKeyExists(session, "formData") and isJSON(session.formData)) {

  structAppend(form,deserializeJSON(session.formData));

  structDelete(session, "formData");

  }

  return true;

  }

  public void function onSessionStart() {

  session.loggedin=false;

  }

}

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
May 04, 2014 May 04, 2014

Copy link to clipboard

Copied

But its not work....

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 05, 2014 May 05, 2014

Copy link to clipboard

Copied

Shraddha Prajapati wrote:

this.sessionTimeOut = createTimeSpan(0,0,0,15);

As I said earlier, 15 seconds is impractical. Use 20 minutes, for example.

public boolean function onRequestStart(string req)

  {

  var append = "";

  var togo = "";

  var targetPage="";

  current_page = listLast(targetPage, "/");

That is inconsistent with the code I gave you, and will of course fail because targetPage is an empty string. The correct code is

public boolean function onRequestStart(string targetPage)

  {

   var current_page = listLast(arguments.targetPage, "/");

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
May 05, 2014 May 05, 2014

Copy link to clipboard

Copied

Ok.I cange my code above you say...

this.sessionTimeOut = createTimeSpan(0,0,0,20);


public boolean function onRequestStart(string targetPage)

{

   var current_page = listLast(arguments.targetPage, "/");

But its not work......

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 05, 2014 May 05, 2014

Copy link to clipboard

Copied

Shraddha Prajapati wrote:

Ok.I cange my code above you say...

this.sessionTimeOut = createTimeSpan(0,0,0,20);

That is 20 seconds. Twenty minutes is createTimeSpan(0,0,20,0).


But its not work......

Why does it fail? What are the error messages? Could you please give us some details.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
May 05, 2014 May 05, 2014

Copy link to clipboard

Copied

Shraddha Prajapati wrote:

if(current_page is "index.cfm" & (isDefined("session.pageLastVisited") and session.pageLastVisited is "login.cfm"))

if(structKeyExists(form, "login") && structKeyExists(form, "username") && structKeyExists(form, "password"))

if(form.username == "admin" && form.password == "password")

if(!session.loggedin && !find("login.cfm", arguments.req))

if(!structIsEmpty(form)  && !structKeyExists(form, "login"))

if(session.loggedin && structKeyExists(session, "formData") and isJSON(session.formData))

...

But its not work......

Stay with traditional Coldfusion syntax, and you should be all right.

if(current_page is "index.cfm" AND (isDefined("session.pageLastVisited") and session.pageLastVisited is "login.cfm"))

if(structKeyExists(form, "login") AND structKeyExists(form, "username") AND structKeyExists(form, "password"))

if(form.username EQ "admin" AND form.password EQ "password")

if(NOT session.loggedin AND NOT find("login.cfm", arguments.req))

if(NOT structIsEmpty(form)  AND NOT structKeyExists(form, "login"))

if(session.loggedin AND structKeyExists(session, "formData") and isJSON(session.formData))

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation