session in asp.net C#
basically i have 3 pages, log in page, main page and registration page.
My users have 2 access level, admin and User.
Admin can go to registration apge, User can't.
On log in page, there are 2 session, Name and Role.
on page load, I clear both session.
If log in is succeeded, I filled in the values.
My problem is..
I log in as Admin, Session["Name"]="admin"; Session["Role"]="Admin";
I go to main page, then to registration page with hyper link. (enable only for admin)
On registration pageload, I check the role. If it is not access, I redirect to main page.
Every page has logged out hyper link.
I will redirect that link to log in page.
As I clear the session values at the loading of log in 开发者_高级运维page, they are all clear.
When I get to Admin page, I copy the URL.
I log out and log in as someone else with User access.
I go to Main page.
I can't go to registraion page as the hyper link is disable.
But when I paste the URL, it can go to registration page.
Only when I click something, it will redirect to main page as the page_load function is not run at the first time.
Any idea?
From your explaination it seems there is a high chance this is actually the browser caching the page and not sending a request at all. Try to print the username on the page and see if it will change when you hit the url again. You can also use tools like Firebug, IE9 Dev Tools, Fiddler, etc. to see if request is sent.
BTW consider using the Membership and Role providers instead of sticking stuff in session ( http://odetocode.com/articles/427.aspx )
精彩评论