For example, if a user is trying to get to their customer details page, the page would trigger a login and then the login.php page would redirect them back to the customer details page upon successful login.
I have the following script in my login page, but I'm not 100% clear on how to redirect the user to the refering page:
Code: Select all
<?php
// *** Validate request to login to this site.
session_start();
if ($_POST['submit'])
{
$frm_username = @$_POST['frm_username'];
$frm_password= @$_POST['frm_password'];
authenticateUser($frm_username,$frm_password);
}else
{
login_page();
}//end if
function authenticateUser($frm_username,$frm_password)
{
$hostname = 'localhost';
$username ='myname';
$password ='mypwd123';
$dbName = 'my_db';
$crypted_password=md5($frm_password);
//Formulate SQL and find user
$query="SELECT password FROM users WHERE username='$frm_username' AND password='$crypted_password'";
echo $query;
MYSQL_CONNECT($hostname, $username, $password) OR DIE("Unable to connect");
@MYSQL_SELECT_DB("$dbName") OR DIE("Unable to select database");
//execute the query
$result = @mysql_query($query) or DIE(mysql_error());
echo ("result is $result");
$count = mysql_num_rows($result);
echo ("count is $count");
//exactly one row - then we have found the user
if (mysql_num_rows($result)==1)
{
//Register the frm_username to show the user is logged in
session_register("frm_username");
//Clear any other session variables
if (session_is_registered("errors"))
//Delete the form errors session variable
session_unregister("errors");
//Redirect to a calling page?
if(session_is_registered("referer"))
{
//Delete the referer session variable
session_unregister("referer");
//Then use it to redirect
header("Location:$referer");
exit;
}
else
{
header("Location:orders.php");
exit;
}}
else
{
//Ensure the username is not registered, so the user is not logged in
if (session_is_registered("frm_username"))
session_unregister("frm_username");
//Register an error message
session_register("message");
$message="Username or password incorrect.".
"login failed.";
//Show the login page
login_page();
exit;
}
}
function login_page()
{
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
</head>
<form ACTION="<?=$_SERVER['PHP_SELF'];?>" method="POST">
<table align="center" width="75%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td>User Name</td>
<td><input type="text" name="frm_username" /></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="frm_password" /></td>
</tr>
</table><br />
<input name="submit" type="submit" value="Submit" />
</form></body>
</html>
<?php
}
?>How the heck do I correct my script so that I can redirect successfully from the page where I was trying to go? I guess its a redirect forward?!
Thanks!