943,864 Members | Top Members by Rank

Software Development > Perl > Creating a Robust Logout System
Ad:
  • Perl Discussion Thread
  • Unsolved
  • Views: 3376
  • Perl RSS
Permalink
Feb 14th, 2007
0

Creating a Robust Logout System

Expand Post »
When someone logs out of our site, I want the previous page to not be accessible (or any of the other pages.)

So far, when a user clicks the logout button on our site, I do the following:
1) I write to a file
2) erase the session cookie
3) disable the back button.

When each page loads on our site, it checks to make sure the login file has the correct variable, checks to see if the session cookie has a value. The session cookie is checked by javascript upon page loading, the login file is checked on the server.

Everything works but when someone hits the back button, there is enough of a delay where the page can still be viewed before the javascript redirects it.

Is there a better way to do this so that when someone clicks back, the information is no longer there at all?

Thanks!
Similar Threads
Reputation Points: 10
Solved Threads: 0
Newbie Poster
qualtran is offline Offline
6 posts
since Feb 2007
Permalink
Feb 14th, 2007
0

Re: Creating a Robust Logout System

Don't break the back button. The back button can take you back past your own page to pages visited before, so breaking it annoys people.

You should probably do the cookie checking through Perl, not Javascript. That way, when your user hits the back button they either get a cached version of the page (they were authorized to view it in the first place), or they get a "You have been logged out" message. If you're really worried about cached pages like that, you can add a custom header that says the page expired sometime in the past. (1969 would be a good year.)
Reputation Points: 23
Solved Threads: 23
Posting Pro in Training
Puckdropper is offline Offline
494 posts
since Jul 2004
Permalink
Feb 14th, 2007
0

Re: Creating a Robust Logout System

Ok, getting "this page has expired" to come up whenever they try to go back to one of our pages is exactly what I want to do. Now how do I actually do it?
Reputation Points: 10
Solved Threads: 0
Newbie Poster
qualtran is offline Offline
6 posts
since Feb 2007
Permalink
Feb 14th, 2007
0

Re: Creating a Robust Logout System

Use the CGI module.

http://search.cpan.org/dist/CGI.pm/CGI.pm#HTTP_COOKIES

(For your convience, the link will show the HTTP cookies section first.)
Reputation Points: 23
Solved Threads: 23
Posting Pro in Training
Puckdropper is offline Offline
494 posts
since Jul 2004
Permalink
Feb 14th, 2007
0

Re: Creating a Robust Logout System

Click to Expand / Collapse  Quote originally posted by Puckdropper ...
If you're really worried about cached pages like that, you can add a custom header that says the page expired sometime in the past. (1969 would be a good year.)
Just as a side note (seeing as you seem to have solved the OP's problem), setting an expiry date for things that is before Jan 1st 1970 may cause the integer representing that date at system level to wrap around and become something close to 2038.

See here: http://computer.howstuffworks.com/question75.htm

It usually best to use 00:00:01 Jan 1 1970 to make objects expire instantly. Just a helpful tip .

Steven.
Reputation Points: 47
Solved Threads: 1
Posting Whiz in Training
Mushy-pea is offline Offline
271 posts
since Jun 2006

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.
Message:
Previous Thread in Perl Forum Timeline: Making global constants/Making constants global
Next Thread in Perl Forum Timeline: Get the location of the perl script





About Us | Contact Us | Advertise | Acceptable Use Policy
Forum Index | Build Custom RSS Feed


Follow us on Twitter


© 2011 DaniWeb® LLC