Page 1 of 1

Login Redirection

Posted: Thu Jan 29, 2004 1:32 pm
by Straterra
I am trying to write a script so that after a person logs on, it takes them back to the URL they were before they logged on. The only problem is, it doesn't seem to work at all. It allows users to login, but takes them straight back to index.php. Here is the code for the Login form

Code: Select all

<?php
include('banned.php');
include('start.php');
?>
<BODY bgcolor="#000000" text="#FFFFFF" link="#0000FF" vlink="#0000FF" alink="#0000FF">
<form action="login.php" method="post">
<?php
if (isset($_SERVER['HTTP_REFERER'])) {
$referer = parse_url($_SERVER['HTTP_REFERER']);
?>
<input type="hidden" name="redir" value="<?php echo $referer; ?>">
<?php
} else {
?>
<input type="hidden" name="redir" value="index.php">
<?php
}
?>
Username
<input type="text" name="username"><br>
Password
<input type="password" name="password"><br>
<input type="submit" name="submit" value="Submit">
<input type="reset" name="reset" value="Reset">
<?php
include('end.php');
?>
and here is the script that allows members to log in

Code: Select all

<?php
include('banned.php');
if ( isset($_POST['username']) and isset($_POST['password']) and isset($_POST['redir']) ) {
$username = strtolower($_POST['username']);
$password = $_POST['password'];
$dbname = 'eckbios';
if ($db = sqlite_open($dbname, 0666, $sqliteerror)){
$sql = "SELECT username, password FROM logintable WHERE username = '$username' and password = '$password'"; 

$sql_result = sqlite_query($db, $sql); 

if (sqlite_num_rows($sql_result) != 1) { 
     echo "Login Failed."; 
     exit;
} else { 
$_SESSION["username"] = $username;
header("Location: ".$_POST['redir']);
}
} else {
  die ($sqliteerror);
}
} else {
header("Location: loginform.php");
}
?>

Posted: Thu Jan 29, 2004 1:51 pm
by ol4pr0
Dont know if it makes any differance. However i tried that code of youres and it gave me this result.. ( besides all sql erros ofcourse )

when i disabled the include/banned.php it wanted me to go straight forward to the loginform.php. I guess its the

Code: Select all

header("Location: ".$_POST['redir']);
wich causes that problem. ( i think that is redirecting it to index.php )
I might be wrong tho. since i am not yet familiar with all the php coding.

Posted: Thu Jan 29, 2004 1:53 pm
by Straterra
That code works fine. Its the loginform page that isn't gathering the referer information..which really sucks! Can anyone help?

Posted: Fri Jan 30, 2004 6:48 am
by Straterra
Bump

Posted: Fri Jan 30, 2004 10:04 am
by Illusionist
try taking out the parse_url()

I dont know if that would work, but its worth a try!

Posted: Sat Jan 31, 2004 10:30 am
by tsg
In a session file I include on all pages, I use the following code :

Code: Select all

<?php
	if($HTTP_HOST == "mydomain.com" || "www.mydomain.com"){
		$_SESSION['returnpage'] = $REQUEST_URI;
	}

?>

And on the login page I have it say -- if !empty $_SESSION['returnpage] -- header to return page .. if empty then to standard login page.



Hope that helps

Tim

Posted: Sat Jan 31, 2004 1:29 pm
by m3rajk
i wouldn't use referrer in the http/server vars. iknow that a number of proxies strip that. i think aol's has started that. iknow some other isps do that.
i would have something in the link that captures the pagename so that it's int he get string. that way you're garunteed to have it

Posted: Sat Jan 31, 2004 2:39 pm
by Straterra
I'm not too worried if EVERYONE can use it. I am trying to develop a system, so that after a person logs on, they go to the page they were at before they went to the form to log in.

Posted: Sun Feb 01, 2004 2:58 pm
by Straterra
Bumpen zie posten.

Posted: Sun Feb 01, 2004 5:58 pm
by m3rajk
well then there's cookies that could work, or referring page in the http/server string

Posted: Sun Feb 01, 2004 6:00 pm
by Straterra
I can't do that because parse_url($_SERVER['HTTP_REFERER']) doesn't seem to work. If I can't get that to work, I can't do anything.

Posted: Sun Feb 01, 2004 9:07 pm
by William
Ok... try making a hidden form field like this:

<input type='hidden' name='old_page' value='HTTP_Referer'>
then one the page yuo sending the data put:
header("location: $old_page");
Might be a diffrent probley your having or you tried that i jumped throuhg it fast just an idea.

Posted: Mon Feb 02, 2004 5:38 am
by Straterra
I tried that, but the referer array doesn't work, so the value it returns is "Array".