homepage Welcome to WebmasterWorld Guest from 54.211.68.132
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / HTML
Forum Library, Charter, Moderators: incrediBILL

HTML Forum

    
Caching problem
peten



 
Msg#: 4416815 posted 5:39 pm on Feb 12, 2012 (gmt 0)

Hi .

I have a webpage that is password protected via .htaccess .htusers
the problem i have is that if you log into the page the come out of it and follow the link back in it allows access without asking for the username and password i would like to stop this .

Is it something i can stop via the page itself

Thnaks Pete .

 

rocknbil

WebmasterWorld Senior Member rocknbil us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4416815 posted 6:16 pm on Feb 13, 2012 (gmt 0)

This is not a caching problem. What keeps the user logged in, and "connected" to the site, separate from other users? A cookie. Without other options,this is a session cookie that dies only after you close the browser. Solution: modify your login scheme to allow the cookie to expire, or, create a logout scheme that deletes the cookie.

peten



 
Msg#: 4416815 posted 7:11 pm on Feb 13, 2012 (gmt 0)

Humm i was not aware that the .htaccess would create a cookie i certainly have not set any cookies i basically dont like them

Pete .

rocknbil

WebmasterWorld Senior Member rocknbil us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4416815 posted 5:00 pm on Feb 14, 2012 (gmt 0)

Cookies are your friend, they're what keep you connected to the website. When you place an item in a cart, that's what is keeping you connected to YOUR cart, a cookie. It's what's keeping you logged in to this site. Even PHP sessions use the PHPSESSID cookie. They get a bad rap because of the attempts at abuse, but generally they are a harmless bit of info and as programmers we'd be pretty much lost without them (although, you should always program for ways to handle connections should they be disabled.)

Cookies set for auth methods in .htaccess are generally session cookies (die when the browser closes) but if you dig through the documentation I'm **pretty sure** there's a way to set their life, make them persistent, and un-set them.

peten



 
Msg#: 4416815 posted 5:31 pm on Feb 14, 2012 (gmt 0)

HUmmm that sort of defeats the object they need to die the instant you come out of the page in question this makes life very hard indeed .
In that case i need to look at it from a differnet angle once a user has accessed the page in question one time they will no longer get in again a one time password

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / HTML
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved