Web Forms :: Stop Users Users Using The Browser Back Button And Potentially Submitting An Old Version
Mar 25, 2011
I need to stop users users using the browser back button and potentially submitting an old version of a form.
I'm storing a guid in a session variable and also writing the value to a hidden form field and then checking the session value against the hidden field value if a user does try to navigate back and submit an old form.
If the form is submitted and the user wants to complete a new copy of the form then a new guid is generated both to the session and to the hidden form field. Now, if the user decides to hit the back button a few times to get the old form and tries to submit it again, the page checks the current guid in session against the guid stored in the form field and it finds a mismatch and prevents the form being submitted.
This works as expected in Chrome and Firefox, but in IE6, when the user hits the back button to view the old form, the new guid value appears in the hidden field of the old form! This means the user can submit the old form again, which we definitely do not want.
View 3 Replies
Similar Messages:
Jul 7, 2012
i m having problem with logout code in asp.net with c#. this logout code should end session, disable browser's back button and and if somebody try to login by paste the url of any user account page.i used this code in login page
protected void Button1_Click(object sender, EventArgs e)
{
Session["name"] = TxtUserName.Text;
}
and in logout i used this
protected void logout_Click(object sender, EventArgs e)
{
Session.RemoveAll();
Session.Abandon();
Response.ClearHeaders();
Response.Redirect("login.aspx");
}
nothing happening back button is still visible
View 1 Replies
Jul 23, 2010
if users press the browser's back button to reach the prior page..then page should display a message like "web page expired" in asp.net can i use javascript for this?
for example..
there are 4 pages in web sites. 1,2 and 3 can be back. but when the 4th page run then 4th page can not be back... when the user press browser's back button , diaplay ma message "weg page expired".
View 4 Replies
Jul 30, 2010
I am trying to prevent users from submitting ascii codes in a textbox using a RegularExpressionValidator.
This works fine and I am able to display an error.
However when the user clicks on another button on the page I get the "A potentially dangerous Request.Form value was detected from the client" error. Is there a way to prevent this?
View 5 Replies
Jul 12, 2010
We have a few scenarios which mean users can see other users data if they're on the same machine.
Scenario 1
Login User A Browse to forms with perosnal data Logout User A Login User B Either hit back button until you reach User A's personal data or.. Use browser history to jump directly to user A's personal data.
Scenario 2
Login User A Browse to forms with personal data Close browser New Browser, Use history to go directly to User A's data.
The 2nd one was caused by the browser displaying the page from its cache, so for that one, I added the following to the web.config..
[Code]....
[Code]....
which seems to do the trick, but I need to know how to fix the first part and whether the web.config changes are all that's needed to clear any cache.
View 6 Replies
Jul 25, 2013
When I click Logout page redirect to Login page but when click to browser arrow back then it will goes back, I want to after Logout cannot going to back page...
View 1 Replies
Mar 17, 2010
My testers have discovered that if you type free text into a file upload input then none of the buttons on the page work until that text is removed (so the page cannot be submitted).
I am able to replicate this with the following ASPX code (with no code behind):
<%@ Page Language="C#" AutoEventWireup="true" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<body>
<form id="form1" runat="server">
<div>
<asp:FileUpload ID="fuTest" runat="server" />
<asp:Button ID="btnSubmit" runat="server" Text="Submit" />
</div>
</form>
</body>
</html>
(Note that I haven't bound any handlers to the page; despite this, the page is submitted when the submit button is clicked only if no text is entered into the upload text box)
Is there any way to prevent users from typing free text into a file upload control? It seems that this is only possible in IE - Firefox and Chrome natively prevent text from being entered into upload input fields.
I've seen solutions elsewhere which suggest hiding input and replacing it with a label / button combo, but this seems like it might cause more problems and work inconsistently across browsers.
View 2 Replies
Apr 26, 2010
I have a page, the user types in e-mail and then submits. The next page is a confirmed page - letting the user know that his -mail was entered. If you then click back, the forum will try to re-submit itself. Is there a way to stop this?
View 6 Replies
Jun 24, 2010
I've created a Sign Out link on my page, just like the one you see on the top right hand corner of this forum.
This is the code i use :
<asp:HyperLink NavigateUrl="~/Login.aspx" ID="hypSignOut" runat="server" Text="Sign Out"></asp:HyperLink>
However, after signing out, I click the back button on my browser, I can still go back into the site. How do I prevent this?
View 3 Replies
Feb 9, 2010
I have an asp.net web app that uses forms-based authentication, a SqlMembershipProvider (using an encrypted password format), and a SqlRoleProvider. I need to know if it's possible to administer the users (create new users, assign them to roles, etc.) from a windows application - the powers that be don't want any administrative functionality in the web app itself.
Here is the membership provider definition from web.config:
[code]....
So, obviously, I have a Sql Server database that contains the users and roles for the web app. I'd like to create a separate windows app that references the web app assembly, and use the configured MembershipProvider, RoleProvider, and machineKey to create users, assign users to roles, etc. If that's not possible, I can duplicate the configuration settings from web.config within the windows app. But I don't know how to do this either.
View 3 Replies
Jul 15, 2010
We have a simple SQL Server database with an ASP.NET front end.
I can easily update a record from my browser.
Another person cannot: he edits the field and hits the "update" button, but the change is not propagated to the database. The old value remains. He is using Internet Explorer. I checked the database, and his change is not propagated. There is no error thrown.
He WAS able to edit in May. Today he can't. but I can.
I can even update it with the Google Chrome browser.
View 1 Replies
Aug 26, 2010
Allow Admin Users to Access Basic Users Accounts?
View 4 Replies
Dec 6, 2010
[Code]....
after successful creation of 3 users on my web site now cannot create users
View 9 Replies
Jun 25, 2010
different return for added users and for rejected users?
[Code]....
View 4 Replies
Oct 12, 2010
We have implemented the ASP membership and roles..and we would like to display the users currently logged in and also display the number of users online so we can display that on the page. The list of users woudl only be available to our admins. BUt the number of users will show for everyone.
View 9 Replies
Sep 29, 2010
Is there a way in ASP.Net to find out the browser and operating system of the user?
View 1 Replies
Apr 7, 2010
In my website I am maintaining log of users in which I am storing some user's information such as user machine IP umber,SessionId,UserName etc.and able to show the list of current and past users in webpage. I want to share and connect to browser session of any of the current users. Is it possible,if yes then how?
View 5 Replies
Jan 11, 2011
i have to implement a requirement that's kind of weird for web apps (intranet web app).
after an user login to the app, the user may press Ctrl + N to open the current page in a new window. this sounds perfectly normal except the business requirement is to prevent users from doing this. users must logoff before they can access to the app again with a different browser window/tab.
View 1 Replies
Mar 9, 2014
When i Clicked a logout button the page will be close but the browser back button go to previous page how to solve this....
View 1 Replies
Aug 11, 2010
I have used Login Control + Change Password + Create User Wizard in my project. Everything is working fine. I want to know that how to get the List of Users and also to Update/Delete users.
View 1 Replies
Aug 4, 2010
I just realized after i created a test account i was not in any roles. Is there a way to automically add new users into the role Users? Have i missed this some where?
View 8 Replies
Jan 12, 2010
Im using ASP.NET 2.0,C# for my web application development. I am having a login page and new user registration page. how to redirect to login page once user finishes his registration and clicks back button of browser. Registration page is container page using some master page..
View 7 Replies
May 10, 2010
How to recognize if user has come through browser back button in asp. net site
AS well how to identify if they have opened new tab in the same browser.
View 1 Replies
Jan 11, 2010
Not sure if i'm posting in the right forum, if not, please move it...i have the following issue... I want to "disable" browser's back button. Seems it's not possible, but using cache.setcacheability and timing it, kinda disables the option of navigating back. I need this because in some pages of my webpage, i keep values in a Session variable so when a page loads, i need to check that variable, and, if navigating back, cant do that. I also "set cache to false" because if someone closes session, and i allow cache, someone else could handtype a url in that same pc and see the page without login (though if he/she tries to navigate through it will be kicked out because when loading a new page, i'll know that he/she is not logged) but i dont want to allow even that,
that's why cache is disabled. The problem is that loading over and over again my masterpage (header, footer, menu and stuff) is going to slow down the webpage, because every time there's a request, the page has to be sent again completely. So, is there something like a "mix" mode where i can allow cache just for a few things? If not, what's the best practice to achieve both things i'm trying: speed and security?
View 4 Replies
Jan 16, 2012
After user has logged out i am redirecting user to home.aspx and from here i do not want user to be able to go back using browser back button.. How can i do it? I used this code in javascript :
<script type="text/javascript"> javascript:window.history.forward(1);</script>
This does not work for me. In all pages i am using Master Pages..
View 1 Replies
