Solved

Session Still Working Despite Using Session.Abandon()

Posted on 2013-01-07
6
307 Views
Last Modified: 2013-01-12
Hello guys..

I am using Session.Abandon() to logout from a page called detail.asp and then redirecting to Login.asp. But from login.asp page when I use the same link of detail.asp in the address bar it takes me into the same detail.asp page instead of redirecting back again to login page.

logout.asp
----------------------
session.abandon
response.redirect "login.asp"
0
Comment
Question by:newbie27
  • 3
  • 3
6 Comments
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 38750596
Try Session.Contents.Remove("sale") or for all sessions Session.Contents.RemoveAll().  I will typically do this session("myobject")="" first.
0
 
LVL 8

Author Comment

by:newbie27
ID: 38751182
No it didn't work.

From detail.asp page i am calling logut.asp page

logout.asp page cotains the following code

Session.Contents.RemoveAll()
session.abandon
response.redirect "login.asp"

Being in login.asp page, when i paste the detail.asp link in the address bar it takes me to again to details.asp which it should redirect back to login page
0
 
LVL 52

Accepted Solution

by:
Scott Fell,  EE MVE earned 500 total points
ID: 38751249
Can you post your sample script.

This works for me.
Page1.asp
<%
session("login")="xyz"
%>

Page2.asp
<%
Session.Contents.Remove("login")
session.Contents.RemoveAll()
%>

Are you sure the code is being called?
Try this
Session.Contents.Remove("login")
Session.Contents.RemoveAll()
session.abandon
response.write "Login removed."
response.end() 'should stop the page and verify your code is processed.
response.redirect "login.asp"
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 8

Author Comment

by:newbie27
ID: 38753592
Login.asp
-----------------------------------------------------------------
UserName = request.form("UserName")
Password = request.form("Password")

session("UserName") = UserName

After successful login it will redirect to detail.asp page

detail.asp
---------------
Dim sUsername
sUsername = Session("UserName")
If sUsername = "" Then
Response.Redirect("login.asp")
end if
below code will show details with logout option
<a href="logout.asp" style="float:right"><b>LogOut</b></a>

logout.asp
-----------------
<% in this page i also want to clear the cookies, for now just trying to kill the session
'dim Cookie
'For Each Cookie In Response.Cookies
'Response.Cookies(Cookie).Expires = Date() - 1
'Next
'DeleteSession
Session.Contents.Remove("UserName")
Session.Contents.RemoveAll()
session.abandon
response.write "Login removed."
response.end()
response.redirect "login.asp
'end if
%>

when i followed the steps and clicked on the logout link it shows the error of "The page cannot be displayed".

Please advise.
0
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 38753652
Login.asp
<%
'just to make sure default the session to nothing
   session("UserName") =""

'only set the user info if the form is submitted
if request.form("UserName")<>"" then
   UserName = request.form("UserName")
   Password = request.form("Password")
    session("UserName") = UserName
end if
%>

Open in new window

0
 
LVL 8

Author Closing Comment

by:newbie27
ID: 38769968
Thanks, worked like a charm.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Welcome to part one of a multi-part tutorial series, VBScript for Windows System Administrators.  The goal of this series is to teach non-programmers how to write useful VBS code to automate their environment, and perform tasks faster, and in a more…
In this article we want to have a look at the directory attributes which are used by Microsoft to store the so called Security Identifiers (SID). These SIDs plays an important role in delegating and granting permissions and in authentication of trus…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now