|
The best way to handle this is to make the page able to handle it (usability is hard but your users will love you for it, or at least it will be one less thing to complain about, LOL). This usually means that you need to persist the data. Since you're dealing with credit cards, cookies are a no-no which means that you probably need to create a table to store the information. If you go this route, you should also make sure to encrypt the data when you store it (use 128-bit or higher AES). The credit card companies are really cracking down on this and will levy big fines against companies that they find aren't doing this. Even worse, they'll cut you off from being able to accept their card. Another thing you can do (you should actually do this anyway since you don't want transactional data cached) is make sure that you're doing a POST and write out the expire HTTP headers (these go after the Content-Type header): Cache-Control: no-cache Pragma: no-cache Expires: 0 When a person hits the back button, they'll get an error about expired data. Of course, you could always be evil and make a window open up without all of the navigation buttons but that still doesn't prevent someone from using keyboard shortcuts. Matt -----Original Message----- From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx] On Behalf Of Joe Giusto II Sent: Wednesday, January 25, 2006 4:32 PM To: web400@xxxxxxxxxxxx Subject: [WEB400] Prevent Brower From Going Back To Credit Card Page I am trying to prevent users from using the Back button in the web browser to get back to the page where the credit card number was entered. Or alternatively, be able to erase that page from the history log or back button log. The closest I have come is with this JavaScript, which will throw the page forward again when the user hits the back button. </script><script language="JavaScript">javascript:window.history.forward(-1);</script> But does not prevent them from using the drop down arrow on the back button to go back several pages to get to it. I realize the script will work if I put it on each page, but I need to allow them to go back and make changes until the final order page is accepted or rejected. That is when I write out a confirmation page with the script in it.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.