Redirecting after a successful user authentication?
Moderator: General Moderators
Redirecting after a successful user authentication?
I am building a Web site in PHP with a public area and password-protected area. I will have links from the public area to specific pages that the user must be authenticated to see.
Is there anyway to redirect the user to the original link they clicked on after they successfully complete the log in process?
For example, let's say a user clicks on the following a href:
topsecret.php
Because there is an include in that PHP file that requires user authentication, the browser redirects to a page such as login.php, which posts a form to loginProcess.php.
After loginProcess.php runs, I want the browser to redirect automatically to topsecret.php.
Any thoughts?
Thanks!
Is there anyway to redirect the user to the original link they clicked on after they successfully complete the log in process?
For example, let's say a user clicks on the following a href:
topsecret.php
Because there is an include in that PHP file that requires user authentication, the browser redirects to a page such as login.php, which posts a form to loginProcess.php.
After loginProcess.php runs, I want the browser to redirect automatically to topsecret.php.
Any thoughts?
Thanks!
- MrPotatoes
- Forum Regular
- Posts: 617
- Joined: Wed May 24, 2006 6:42 am
Code: Select all
$fileAndFilePath = 'topsecret.php';
header("Location: " . $fileAndFilePath)I am having trouble getting this to work...
I have an include file in my password-protected pages with the following code:
This then goes to a log in page which posts to logInProcess.php. After successful user authentication, I've included the following to redirect back to the referrer:
Trouble is that $_SESSION["redirect"] is never set. Am I missing something??
Thanks.
I have an include file in my password-protected pages with the following code:
Code: Select all
<?php
session_start();
// See if a user is logged in. If not, redirect to the log in page
if(isset($_SESSION["authenticatedUser"]))
{
$appUserId = $_SESSION["authenticatedUser"];
}
else {
$_SESSION["logInMessage"] = "You must log in to access this page.";
$_SESSION["redirect"] = $_SERVER["HTTP_REFERER"];
header("Location: logIn.php");
}
?>Code: Select all
<?php
session_start();
if($authenticateUser)
{
if(isset($_SESSION["redirect"]))
header("Location: ".urlencode($_SESSION["redirect"]));
else
header("Location: fileList.php");
}
?>Thanks.
let me try to explain a little better the way I do it by showing you some code I might use.
session.inc.php (untested)
then on login.php, you'll have the old url in the querystring in the url
login.php (untested)
that make sense?
session.inc.php (untested)
Code: Select all
session_start();
function geturl()
{
$ports = array('https' => 443, 'http' => 80);
$prefix = (empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == "off" ? 'http' : 'https');
$url = $prefix;
$url .= '://';
$url .= $_SERVER['HTTP_HOST'];
$url .= $_SERVER['SERVER_PORT'] != $ports[$prefix] ? ':' . $_SERVER['SERVER_PORT'] : '';
$url .= $_SERVER['PHP_SELF'];
$url .= (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] != "" ? "?".$_SERVER['QUERY_STRING'] : "");
return $url;
}
if(!isset($_SESSION['logged_in'] && !isset($login))
{
header("Location: login.php?oldurl=".urlencode(geturl()));
}login.php (untested)
Code: Select all
<?
$login = TRUE;
include("session.inc.php");
if(isset($_POST....))
// do your sql query here
// if sql passes then include this
$oldurl = urldecode($_GET['oldurl']);
header("Location: $oldurl");
?>
<form method="post">
<!-- form stuff here -->
</form>if you're doing the login processing on a different page, then you'll need to pass the old string as a hidden var (as you've tried) or put it back in the url:
the better alternative in your situation would be to use a hidden form var though. not sure what would be making it kill your page though, check the source of the login page to see what's being put in that form var.
Code: Select all
<form action="someprocessingpage.php?oldurl=<?=$_GET['oldurl'];?>" method="post">Thanks. I got it to work on some of my pages -- but others give me an error message before redirecting to the logIn form:
(see: http://lab.slais.ucl.ac.uk:8036/~p100sa ... erList.php)
Something must be interfering with the code example you gave me on my page that it killing it! Any ideas?
Edited to add: The ones that don't work are in a subdirectory off of the root....
(see: http://lab.slais.ucl.ac.uk:8036/~p100sa ... erList.php)
Something must be interfering with the code example you gave me on my page that it killing it! Any ideas?
Edited to add: The ones that don't work are in a subdirectory off of the root....