hello all I have a login page for admin when I login it is redirecting admin.apsx after logout it is also redirectiing login page but when I type admin.aspx it is displaying admin.aspx. In the below code I am just checking login id I have code for session somthing on Login Page like this cmd = new SqlCommand("select * from Login where loginid='" + txtlogid.Text + "'and password='" + txtpassword.Text + "'", conn); conn.Open(); SqlDataReader dr = cmd.ExecuteReader(); if (dr.Read()) { Session["logid"] = txtlogid.Text; // Session("name") = txtlogid.Text; ; //Session["password"] = txtpassword.Text; Response.Redirect("Admin.aspx"); } else { } and in Admin.aspx page my code is protected void Page_Load(object sender, EventArgs e) { try { if (Session["logid"] == null ) { Response.Redirect("login.aspx"); } else { do somthing } } catch (Exception ex) { } } and on click logout button============== Session.Remove("logid"); Response.Redirect("index.aspx"); please help me noe what I have to do I have no idea about session handling thanxs mpatel
Everything looks correct. I'm running out the door to work so real quick off the top my head: In the logout button click event try changing Session.Remove("logid") to Session.Abandon(). I program in VB.Net not C# but shouldn't it be Session.Remove["logid"]; instead of the ()s.