>I have a web site use ASP ( VB script ).
>The Login use a cookie to store the user right for the login user.
>each page check this cookie and then hidden some function of the page base on
>their user right.
>But I have a problem is that I can't expire that cookie after logout the site.
>So if a admin user login after that logout. The normal user login will find that it user admin user right because the admin user cookie still alife . ( only happen in IE . Netscape haven't got that problem )
>
>Is there any sugguestion other then using cookie ?
>Or am I wrong using the cookie or wrong coding in expire the cookie after
>logout ?
Why not remove the cookie when the login page is run? Then set it after a successful login?
Wayne Myers, MCSD
Senior Consultant
Forte' Incorporated
"The only things you can take to heaven are those which you give away" Author Unknown