Link to home
Start Free TrialLog in
Avatar of Brian
BrianFlag for United States of America

asked on

Disable browsers Back and Forward buttons

Hi Experts,

I have an application that I created. When a user log in to his/her account I need them to NOT be able to click on the back and forward buttons. The reason I ask is that the site displays general info for users who are not logged in but for users who login they need to complete steps and the web page does not have a link to the steps they need to complete. So I was wondering if there was anyway once the user logs in to disable or somehow prevent the user from click on the back / forward browser buttons.

Thanks in advance!
Avatar of Obadiah Christopher
Obadiah Christopher
Flag of India image

Avatar of Brian

ASKER

Hi informaniac,
What will this do?
Avatar of Brian

ASKER

@informaniac,

Not sure what should happen but I implemented the following below and had the following below running on Page_Init but if I'm logged in then I can still click on the back button. I want it so that if a user clicks on the back button or forward button that all sessions are removed and they get redirected back to login page.

<%@ Page Language="C#" AutoEventWireup="true" OutputCache Duration="2" VaryByParam="None" CodeFile="annualphysical.aspx.cs" Inherits="application_secure_annualphysical" %>


    protected void Page_Init(object sender, EventArgs e)
    {
        Response.Cache.SetNoServerCaching();
        Response.Cache.SetCacheability(HttpCacheability.NoCache);
        Response.Cache.SetNoStore();
        Response.Cache.SetExpires(new DateTime(1900, 01, 01, 00, 00, 00, 00));
    }
You cannot override the users controls from a web page.  You can interfere, and make the page difficult to use and you can screw it up, but in the end your design is flawed if you cannot use normal flows, and it will be junk no matter what you try.

Cd&
Avatar of Brian

ASKER

@COBOLdinousaur,

I found this doing a google search. It works but would like to know the cons if  you can tell me if there are any.

      <script type="text/javascript">
          window.history.forward();
          function noBack() {
              window.history.forward();
          }
  </script>

>> You can interfere, and make the page difficult to use and you can screw it up, but in the end your design is flawed if you cannot use normal flows, and it will be junk no matter what you try.

The problem that i face is that I need to display Home, Information, and Contact for all users who are NOT logged in. Once a user logs in I DO NOT want them to go to those pages. So I removed them from the main navigation which is fine, BUT if they keep clicking on the back button then they can still get to them. Once they do, there is NO link back to the application part that they need to fill out. If you have any other idea how i can do this without worrying about disabling the back button then believe me I'm all ears :). This is the last thing I found wrong before I can go live with this application. Any help would be greatly appreciated.
ASKER CERTIFIED SOLUTION
Avatar of Rajar Ahmed
Rajar Ahmed
Flag of India image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
All they have to do is right click the back button and select a page to go to.

The history .forward has to go on the page they come from, which may become inaccessible The browser nav will no longer be reliable.

Your description of the problem seems to say you limited navigation and painted yourself into a corner.

Why not just put a check on those pages to see if they are logged in, then if they try to go to a page they are not supposed to see; overwrite it with a message that the page is no longer available and a link to the page where they should be on.

All you have to do is keep track of the logon in their cookie.  Not ideal, but when you do strange navigation you end up having to rescue lost users.

Cd&
Avatar of Brian

ASKER

Hi COBOL,

Can you help me with that?
Avatar of Brian

ASKER

@COBOL,

Also, once they are logged into the system then how do I prevent then from moving backward based on the cookie created at login? I create a session name once they login. Could I check against that and if so how ?
The basics for cookies:
Javascript: http://www.quirksmode.org/js/cookies.html
ASP: http://msdn.microsoft.com/en-us/library/aa289495%28v=vs.71%29.aspx

If you have a session on the server then just check it for a logged in condition and if they are requesting a page that they ar not supposed to have then just re-direct to where they should be going.

As long as you are thinking "how do I prevent" , you are fighting the user, the browser, and the system... you cannot win that fight.  You need to be thinking "how do I help guide the user to where they need to be".

Cd&
Avatar of Brian

ASKER

COBOLdinosaur,

Can  you show me what code I would use on the Home, Information, and Contact pages to check for my session called "UserNameSessionID" to redirect a user to my main application page if they have already logged in? I'm currently using the following code below on the Home, Information, and Contact pages to display the users First and Last name based on the session id "UserNaemSessionID". But I guess what I really need to do is redirect them back to the application if they go away from it.

[b]CodeBehind for Home, Information, and Contact pages:[/b]

    protected void Page_Load(object sender, EventArgs e)
    {
        if ((Session["UserNameSessionID"] == null) || (Session["UserNameSessionID"].ToString() == ""))
        {
            lblFullNameSession.Text = "Welcome Guest";
            lb_logout.Visible = false;
        }
        else
        {
            string FirstName = Convert.ToString(Session["fname"]);
            string LastName = Convert.ToString(Session["lname"]);
            string EmpID = Convert.ToString(Session["empid"]);

            lblFullNameSession.Text = "Welcome " + FirstName + " " + LastName;
            lb_logout.Visible = true;
        } 
    }

Open in new window

Avatar of Brian

ASKER

@meeran03,

Thank you for your post. Sorry, I missed what you put. I do have a question though about your post. How is it different then mine? I have not tried yours yet, but are they the same is yours better than what i found on google? I'm only asking because I'm not sure.

Thanks in advance!!!

What i have now:

  <script type="text/javascript">
      window.history.forward();
      function noBack()
      {
          window.history.forward();
      }
  </script>
I would never try to do this.  Frequently, I open a new window here to check on something.  In IE you can kidnap them to your pages but not in any other browser.  In Firefox, you can't keep me on your application pages.  And I could also just open another browser like Chrome, Safari, or Opera.  And if you tried to keep me on your pages, I would probably never come back.

What are you doing that is worth angering your users?
@asp_net2
the code i posted,  works in ie,ff,chrome,safari . it  forwards to the current url when user clicks the back button .

Meeran03