I have one pressing issue that I need to find solution to.
I recently viewed my project work in chrome browser; I navigated to the login page I created and logged in using a user ID and password that exists in the database. In the dashboard page I right-clicked on a navigation link to navigate to another page, it worked. Then I had two tabs opened for the website. I later went to the previous tab, without closing the other, I logged out of the account and it logged out. But the issues is that I went to the other tab which was still open, and refreshed the page and it refreshed but the user was still logged in. I thought that when I had logged out of that particular account, it should have logged out completely so even when anybody refreshes it should have redirected to login page.
The most intriguing part is that I closed the tabs and opened a new tab by clicking on the “+” on the browser bar to open new tab, and I went to history and clicked to open the last page, it open to that page as logged in account, NOT redirecting to login page.
Here is my code to log out
if (Session["user"] == null)
{
SqlConnection con = new SqlConnection("Data Source=(LocalDB)\\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\\Dataregister.mdf;Integrated Security=True");
con.Open();
string UpdateLog = @"UPDATE Users SET IsActive=@IsActive";
using (SqlCommand cmd = new SqlCommand(UpdateLog, con))
{
cmd.Parameters.AddWithValue("@IsActive", "0");
cmd.ExecuteNonQuery();
}
con.Close();
Response.Redirect("LoginForm.aspx");
}
