Hello, I'm putting the finishing touches on a new members website and have encountered what turns out to be a fairly common developer's conundrum... How to prevent the user (AFTER they have completed the payment screens and my registration page) from returning back to the registration page (using their back button) and registering again and again and again... I figured this would be an easy problem to solve by either expiring the page just displayed or by blocking the back button with a Java script, but cannot find any meaningful information on how to do either one of those things. I KNOW I'm not the first person to ever encounter this problem and question. What I would prefer to do is simply expire the page just displayed; but have no idea HOW to do that. Does anyone here have help to offer in how to keep the user from going back to an already completed registration screen?
For the record, my security mmanagement software does check for duplicate user names and email addresses, but that won't prevent a saavy user from entering a different user name and password. I'm picturing some college freshman here giving all of his dorm buddies a free membership to my site and eating up every nibble of bandwidth I can afford to buy!
I orignally posted this question to one of the other forums and after several rounds of "try this" and responding with "I already did that" someone finally suggested that perhaps my solution might be found here.
Perhaps I'm just being a bit dense here, but after 33 years as an IT pro,I don't really think so. I frankly consider the ability to recall a registration form to be a fairly serious security issue and I'd really LIKE to find a way to prevent that.
I have done quite a bit of web research on this topic and it seems to be a fairly common issue without a good documented solution. And so far, no one has yet been able to point me to a single site or a document where I can actually SEE how the "expired form" trick is done. Yes, I HAVE seen the expired forms that pop up when You hit the back button, but I can't for the life of me figure out what the heck the developer is DOING behind the scenes to make those expired screens appear and looking at the expired-forms after the fact is a bit like trying to figure out the license number of the truck by examining the entrails of a dead dog in the middle of the highway.
Java scripts have also been suggested and tried, but even that doesn't really work if I try hard enough to get past them with the back-button.
I am currently using the redirecting form trick and I'm even redirecting several times to make it harder for the user to get back to that form, but even that doesn't prevent them from getting there if they try hard enough.
HELP! I'm really stuck on this one!
Web Witchcraft Publishing