<div>
once he logs out we can load a cookie saying he has.. now when this cookie is alive, then prolly you can code your pages not to load.. 
 
just an idea..
</div>

<div>
ACtually this is my project, then my teacher said we are not supposed to use cookies. 
Only session variable can be used.
</div>

<div>
maybe you can have an intermediate redirect page, so when users hit back button, they get redirected to the logout page again..
</div>

<div>
It is impossible to truly disable the back button but here is a good article with a few tricks 
 
<a href="http://www.4guysfromrolla.com/webtech/111500-1.shtml" rel="ugc">http://www.4guysfromrolla.com/webtech/111500-1.shtml</a> 
 

</div>

<div>
Have the log in page set a session variable 
have the log out page clear the session variable 
on a.asp and b.asp redirect to login if the session variable is not set. 
 
Login.asp 
(after you have authenticated) 
&lt;% &nbsp;session(&quot;loggedIn&quot;)=&quot;YES&quot;%&gt; 
 
in a.asp 
(at the top) 
&lt;%if not session(&quot;loggedIn&quot;) then response.Redirect(&quot;login.asp&quot;) %&gt; 
 
in b.asp 
(at the top) 
&lt;%if not session(&quot;loggedIn&quot;) then response.Redirect(&quot;login.asp&quot;) %&gt; 
 
 
In logout.asp 
(at the top) 
&lt;%session(&quot;loggedIn&quot;) =&quot;NO&quot; %&gt; 
 
I have had success with this method. I use it to show a flash intro once per session. 

</div>

<div>
disregard my previous post. I cut and paste too much! 
 
Have the log in page set a session variable 
have the log out page clear the session variable 
on a.asp and b.asp redirect to login if the session variable is not set. 
 
Login.asp 
(after you have authenticated) 
&lt;% &nbsp;session(&quot;loggedIn&quot;)=&quot;YES&quot;%&gt; 
 
in a.asp 
(at the top) 
&lt;% 
&nbsp; Response.Buffer = True 
&nbsp; Response.ExpiresAbsolute = Now() - 1 
&nbsp; Response.Expires = 0 
&nbsp; Response.CacheControl = &quot;no-cache&quot; 
&nbsp; if not session(&quot;loggedIn&quot;) =&quot;YES&quot; then response.Redirect(&quot;login.asp&quot;) %&gt; 
 
in b.asp 
(at the top) 
&lt;% 
&nbsp; Response.Buffer = True 
&nbsp; Response.ExpiresAbsolute = Now() - 1 
&nbsp; Response.Expires = 0 
&nbsp; Response.CacheControl = &quot;no-cache&quot; 
&nbsp; if not session(&quot;loggedIn&quot;) =&quot;YES&quot; then response.Redirect(&quot;login.asp&quot;) %&gt; 
 
 
In logout.asp 
(at the top) 
&lt;%session(&quot;loggedIn&quot;) =&quot;NO&quot; %&gt; 
 
I have had success with this method. I use it to show a flash intro once per session. 

</div>

<div>
Thank you so mcuh to all of you for your precious help..I will try all method first and then see which one are the ones I needed. Thank you so much again...I be back...
</div>

<div>
I tried the above website 
<a href="http://www.4guysfromrolla.com/webtech/111500-1.shtml" rel="ugc">http://www.4guysfromrolla.com/webtech/111500-1.shtml</a> 
then the codes i think it works, but it allow users to refresh the page, and then the pages (e.g a.asp, b.asp) 
appears again. 
 
my codes: 
 
&lt;% 
Response.Buffer=true 
 
Response.ExpiresAbsolute = Now() - 1 
Response.Expires = 0 
Response.CacheControl = &quot;no-cache&quot; 
 
dim loginID &nbsp; 
loginID=Request.Form(&quot;userid&quot;) 
if loginID&lt;&gt;&quot;&quot; then 
&nbsp; Session(&quot;ID&quot;)=loginID 
else 
&nbsp; &nbsp; if Session(&quot;ID&quot;)=&quot;&quot; then &nbsp; 
&nbsp; &nbsp; &nbsp; Response.Redirect (&quot;index.htm&quot;) 
&nbsp; &nbsp; end if 
end if 
%&gt; 
 
After i log out, I will go back to index.htm. Once I click back button on the browser, It shows this error message. 
 
Error Message 
------------------ 
The page you requested was created using information you submitted in a form. This page is no longer available. As a security precaution, Internet Explorer does not automatically resubmit your information for you. 
 
To resubmit your information and view this Web page, click the Refresh button. 
 
I don't want the user to click refresh button as the page will reappear again. 
 
 
My logic on my pages 
index.htm (click login) --&gt; login.asp(got id textbox and password) (click submit) &nbsp;--&gt; go a.asp (click logout) &nbsp; 
--&gt; go logout.asp (clear away the id)--&gt; go back index.htm (problem) 
 
my problem is user after logout, click back, then the error message appear(as above), once i click refresh, the page refresh again for me. 
 
what i want it to be: once i click back, the a.asp should redirect me to index.htm, instead of letting me to refresh. 
 
I don't want to disable the back button, cos teacher emphasise he don't want that to restrict user navigation. 
 
Thank you once again. 
</div>

<div>
<div class="content wysiwyg-content">
Hi, 
&nbsp;I have a question, regarding preventing users from using BACK button on the browser to visit the previous pages in the website. 
 
E.g 
 
1) User log in 
2) surf at a.asp 
3)surf at b.asp 
4) click on log out. 
 
I wan to make sure user cannot surf back b.asp once he has log out by clicking the back button on the browser. 
 
I tried many method. 
Method 1 
------------ 
using session variable to store the ID at every page. This prevents the users from directly accessing individual pages. IT works. But once user CLICK back button, they can go back becos i think the session is still there. I tried session.timeout also cannot. I tried session(&quot;loginID&quot;)=&quot;&quot; after logging out also cannot. THey still can go to the b.asp page by click back. 
 
Method 2 
---------- 
 
I used meta tags to solve the problem. 
 
&lt;META HTTP-EQUIV=&quot;Content-Type&quot; content=&quot;text/html; charset=iso-8859-1&quot;&gt; 
&lt;META HTTP-EQUIV=&quot;Expires&quot; CONTENT=&quot;0&quot;&gt; 
&lt;META HTTP-EQUIV=&quot;Pragma&quot; CONTENT=&quot;no-cache&quot;&gt; 
 
it don't work too. 
 
&nbsp;have no idea what else can i try..pls help me......i have been trying it for a week..... 
&nbsp; 

</div>
</div>

Hi,
 I have a question, regarding preventing users from using BACK button on the browser to visit the previous pages in the website.

E.g 

1) User log in
2) surf at a.asp
3)surf at b.asp
4) click on log out.

I wan to make sure user cannot surf back b.asp once he has log out by clicking the back button on the browser.

I tried many method.
Method 1
------------
using session variable to store the ID at every page. This prevents the users from directly accessing individual pages. IT works. But once user CLICK back button, they can go back becos i think the session is still there. I tried session.timeout also cannot. I tried session("loginID")="" after logging out also cannot. THey still can go to the b.asp page by click back.

Method 2
----------

I used meta tags to solve the problem.

<META HTTP-EQUIV="Content-Type" content="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="Expires" CONTENT="0"> 
<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> 

it don't work too. 

 have no idea what else can i try..pls help me......i have been trying it for a week.....

How to prevent user from using the back button to go back to previous viited pages after logging out?

Web development includes all aspects of presenting content on intranets and the Internet, including delivery development, protocols, languages and standards, server software, browser clients, databases and multimedia generation.