0

am using a JavaScript to connect users to the homepage after the processing page have finish loading and sent the user to the homepage of welcome.html but the fact is how do i end the session after the click the log out button, because after signing out and if they hit back they will still get back the welcome.html, i have try disabling the back button in the browser but that's not awesome, i just need to kill the session so that it won't get them back to the welcome.html after they sign out instead it goes back to login page and require them to sign back in to access the welcome.html, and in this fact am not using php or DB to connect the user login, am using javascript, i don't know if it could work maybe with php simple line of codes or tags.

Here is my JavaScript code, i use to connect the users:

function Login(FORM){



var done=0;



var username=document.login.username.value;



username=username.toLowerCase();



var password=document.login.password.value;



password=password.toLowerCase();


if (username=="jonson111" && password=="happy111") { window.location="HomeAccess_uche/processing.html"; done=1;}

if (username=="wilsonqaz" && password=="open123qaz") { window.location="HomeAccess_wilson/processing.html"; done=1; }

if (done==0) { alert("USERNAME OR PASSWORD IS NOT IN THE DATABASE PLEASE TRY AGAIN!"); }


}

am using dreamweaver and yes i know i will encrypt the Java codes so that users will not understand it, but i just need to end the session after they sign out, this have given me a hard time to figure out i have search everywhere in Google but nothing, anyone can help?

Improve this question
9
  • nothing in your code prevents anyone from opening any of the pages on your site. Can only do what you want using server side authorization where server won't send page if not logged in and redirects to another page Commented Nov 16, 2013 at 3:32
  • Your code have been copied over incorrectly I presume - what's with the }undsmanagement8/loginauth.html"; done=1; } bit? Commented Nov 16, 2013 at 3:32
  • @charlietfl. yes at the processing page it was redirect to the welcome.html Commented Nov 16, 2013 at 3:44
  • can't i do this with a simple codes for the fact that i haven't upload my website to the server Commented Nov 16, 2013 at 3:45
  • just saying that if you are serving static html files...javascript login will do nothing and anyone can open any page they want and the url's are right in the script Commented Nov 16, 2013 at 3:52

2 Answers 2

Reset to default
1

what ever you wrote is all about client side code. there is no point in worry about session , because you don't have a session at all. you are just using javascript. you don't have any server side code to handle session. anybody can see the user name and password by looking at your javascript code. More over once you redirect the page by window.location="HomeAccess_wilson/processing.html"; your " done=1; " and all the javascript variable will reset.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

so what do you suggest?
0

DISCLAIMER: This is a TERRIBLE IDEA. Your site will be completely unsecure. I am ONLY explaining a way to make it work so that a completely innocent, naive user would get the intended effect. Also, this will only work in modern browsers supporting local storage.

function save_login() {
  localStorage.loggedIn = true;
}

function save_logout() {
  localStorage.loggedIn = false;
}

Call those functions when they log in or log out, and then on every "secure" (but not really, this is totally unsecure) page you do

if (localStorage.loggedIn == false) {
    window.location.href = "yoursite.com/login" //or whatever page you 
                                                //want to send them to
}
Improve this answer

5 Comments

those functions am i calling them into my .js or it should be each other the login page and the logout page. and calling th if == false i need to use open and close script language before it can function in my secure pages?
When they get username/password correct, save_login(). When they click logout, save_logout. The last part needs to be in a <script> element. Again, this is not in any way secure.
Google localstorage - it's a way to save info to the users browser. You need to save there if they are logged in. If they aren't logged in, redirect them. Google is your friend.
i got this code from google is called gatekeeper but what's bothers me with this code is that, it is only configured with one users page and i have so many users homes pages, so am wondering how to split this codes for it o connect so many users and kill their session when they try to logout the codes are two: one htmliseasy.com/keeper/keeper3sample/keeper1.js the other that sent them away is htmliseasy.com/keeper/keeper3sample/keeper2.js another thing again i use this codes just the way they instructed and if i try signing in it never get connect or reloads
i have search everywhere in google but nothing i think this has no solution friend

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.