Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Browser Back after Registration

Posted on 2004-10-27
6
Medium Priority
?
180 Views
Last Modified: 2010-04-01
Hi,

I am new to the web applications.Could anyone help me out.

I have a web based application.After registering to the site (with his user-id ,password and account )the user is logged in and the first page is displayed.

If he clicks on the browser back , the registration form is shown again and he can submit a form again with another account number. This is allowing the accounts linked to the same user.

(1)Instead ,I would want to log him out as soon as he clicks the BrowserBACK.

(2)If he directly types in the URL for the registration form ,since there is already an existing account ,he must get a warning to use AddAccounts link and not to register twice

How can get this done?
0
Comment
Question by:member_october
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 3

Expert Comment

by:Gunt
ID: 12429755
What login method are you using?.

In the case you have control over the login process:

You can't detect the browser back button. What you can do to avoid double login, is:
In your login process, before logging the user in, check if it's already logged. If he is, then forward to the error page, otherwise continue.

For the second case, what you can do is making the request pass over a Servlet that forwards to the login page. This servlet can then check to see if the user is logged. If he is, forward to error page, otherwise forward to login page.

0
 
LVL 2

Expert Comment

by:siliconeagle
ID: 12433750
I would use the following trick:-
1.submit the form to a traget as a hiden iframe
return a page to the iframe to trigger a replace on the parent document
here are three files, replaceform.html is the residter page with the form it contains a hidden iframe that you submit to this submit to a your servlet or jsp and return a page which calls replaceURL() with in the iframes parent page (replaceform.html) then this is replaceed with your next page so the register page doesn't show up in the history.
-----------replaceform.html---------------------------------------------
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<TITLE>Form page</TITLE>
<script>
      function replaceURL(url){
            document.location.replace(url);
      }
</script>
</HEAD>

<BODY>
<iframe id="submitform" name="submitform" width="100%" height="30" style="display:none"></iframe>
<form action="./submitreturn.jsp" method="post" target="submitform" >
<input type="text" name="data" value="">
<input  type="submit"  value="GO">
</form>
</BODY>
</HTML>
-----------submitreturn.jsp---------------------------------------------
<HTML>
<HEAD>
<TITLE> Submitted </TITLE>
</HEAD>
<BODY onload="parent.replaceURL('./thankyou.jsp')">
</BODY>
</HTML>
-----------thankyou.jsp---------------------------------------------
<HTML>
<HEAD>
<TITLE>Thankyou</TITLE>
</HEAD>
<BODY>thankyou</BODY>
</HTML>
0
 

Author Comment

by:member_october
ID: 12437444
Hi gunt and siliconeagle ,

Here,my form's action would be an Action class ( i am using struts) and so I think  if I got your code right ,it would not serve the purpose.

Whats happening is, if  I register using Account#1,email#1 ,password and zipcode#1(a unique userid#1 is generated and I am successfully logged on(auto login) ,then I click on Browser Back or type in the url of the page (its not a jsp a .do) , Enter Account#2,email#2 ,password and zipcode#1.(no user-id is created). If I logout and logon with userid#1 ,the 2 accounts are displayed .

are the session attributes not set?if then how is the Account#2 being taken?
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 3

Accepted Solution

by:
Gunt earned 1500 total points
ID: 12439795
When the user logs in, a userId is stored by you in the session. Your action might look like:
- Check account data (username, password, email, etc)
- If correct, generate userId, and store it in the user session. Then, forward to first page.
- If incorrect, goto error page

I suggest this:
- Check if the session has a userId stored
- If it has, then forward to error page (already logged in)
- If it hasn't, continue:
- Check account data (username, password, email, etc)
- If correct, generate userId, and store it in the user session. Then, forward to first page.
- If incorrect, goto error page

Wouldn't this work for you?

Also, there's is a pattern that helps you control flow:
http://www.javaworld.com/javaworld/javatips/jw-javatip136.html
It's to avoid double form submision, but it's useful to check that the user didn't submit a form with a back button:
Basically, you store a token (a number for instance) in every JSP (generated by the action before forward, you set a hidden field with the token). You also store in the session the token. When the user submits, you check that the form he submited has the same token as the form he was supposed to submit (with the token in the session).
0
 

Author Comment

by:member_october
ID: 12439974
Gunt,

Thanks for the info..from what i had asked this is correct.
I had another trouble which I have posted in Java section.

In case you are can find the rootcause for the problem.
http://www.experts-exchange.com/Programming/Programming_Languages/Java/Q_21186722.html#12438772
0
 
LVL 3

Expert Comment

by:Gunt
ID: 12440158
Thanks, I'll try to help you further there.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With the evolution of technology, we have finally reached a point where it is possible to have home automation features like having your thermostat turn up and door lock itself when you leave, as well as a complete home security system. This is a st…
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question