• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 185
  • Last Modified:

Browser Back after Registration

Hi,

I am new to the web applications.Could anyone help me out.

I have a web based application.After registering to the site (with his user-id ,password and account )the user is logged in and the first page is displayed.

If he clicks on the browser back , the registration form is shown again and he can submit a form again with another account number. This is allowing the accounts linked to the same user.

(1)Instead ,I would want to log him out as soon as he clicks the BrowserBACK.

(2)If he directly types in the URL for the registration form ,since there is already an existing account ,he must get a warning to use AddAccounts link and not to register twice

How can get this done?
0
member_october
Asked:
member_october
  • 3
  • 2
1 Solution
 
GuntCommented:
What login method are you using?.

In the case you have control over the login process:

You can't detect the browser back button. What you can do to avoid double login, is:
In your login process, before logging the user in, check if it's already logged. If he is, then forward to the error page, otherwise continue.

For the second case, what you can do is making the request pass over a Servlet that forwards to the login page. This servlet can then check to see if the user is logged. If he is, forward to error page, otherwise forward to login page.

0
 
siliconeagleCommented:
I would use the following trick:-
1.submit the form to a traget as a hiden iframe
return a page to the iframe to trigger a replace on the parent document
here are three files, replaceform.html is the residter page with the form it contains a hidden iframe that you submit to this submit to a your servlet or jsp and return a page which calls replaceURL() with in the iframes parent page (replaceform.html) then this is replaceed with your next page so the register page doesn't show up in the history.
-----------replaceform.html---------------------------------------------
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<TITLE>Form page</TITLE>
<script>
      function replaceURL(url){
            document.location.replace(url);
      }
</script>
</HEAD>

<BODY>
<iframe id="submitform" name="submitform" width="100%" height="30" style="display:none"></iframe>
<form action="./submitreturn.jsp" method="post" target="submitform" >
<input type="text" name="data" value="">
<input  type="submit"  value="GO">
</form>
</BODY>
</HTML>
-----------submitreturn.jsp---------------------------------------------
<HTML>
<HEAD>
<TITLE> Submitted </TITLE>
</HEAD>
<BODY onload="parent.replaceURL('./thankyou.jsp')">
</BODY>
</HTML>
-----------thankyou.jsp---------------------------------------------
<HTML>
<HEAD>
<TITLE>Thankyou</TITLE>
</HEAD>
<BODY>thankyou</BODY>
</HTML>
0
 
member_octoberAuthor Commented:
Hi gunt and siliconeagle ,

Here,my form's action would be an Action class ( i am using struts) and so I think  if I got your code right ,it would not serve the purpose.

Whats happening is, if  I register using Account#1,email#1 ,password and zipcode#1(a unique userid#1 is generated and I am successfully logged on(auto login) ,then I click on Browser Back or type in the url of the page (its not a jsp a .do) , Enter Account#2,email#2 ,password and zipcode#1.(no user-id is created). If I logout and logon with userid#1 ,the 2 accounts are displayed .

are the session attributes not set?if then how is the Account#2 being taken?
0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

 
GuntCommented:
When the user logs in, a userId is stored by you in the session. Your action might look like:
- Check account data (username, password, email, etc)
- If correct, generate userId, and store it in the user session. Then, forward to first page.
- If incorrect, goto error page

I suggest this:
- Check if the session has a userId stored
- If it has, then forward to error page (already logged in)
- If it hasn't, continue:
- Check account data (username, password, email, etc)
- If correct, generate userId, and store it in the user session. Then, forward to first page.
- If incorrect, goto error page

Wouldn't this work for you?

Also, there's is a pattern that helps you control flow:
http://www.javaworld.com/javaworld/javatips/jw-javatip136.html
It's to avoid double form submision, but it's useful to check that the user didn't submit a form with a back button:
Basically, you store a token (a number for instance) in every JSP (generated by the action before forward, you set a hidden field with the token). You also store in the session the token. When the user submits, you check that the form he submited has the same token as the form he was supposed to submit (with the token in the session).
0
 
member_octoberAuthor Commented:
Gunt,

Thanks for the info..from what i had asked this is correct.
I had another trouble which I have posted in Java section.

In case you are can find the rootcause for the problem.
http://www.experts-exchange.com/Programming/Programming_Languages/Java/Q_21186722.html#12438772
0
 
GuntCommented:
Thanks, I'll try to help you further there.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now