Redirect after login

[freeloader]

Hi guys,

 

I ran into a little problem while coding a login script.

 

Current redirect after succesful login:

 

// Register $myusername, $mypassword and redirect to overview
session_register(myusername);
$_SESSION["myusername"] = $myusername;

header("location:overview.php");

 

Current schematics: users enter login data on index.php, form refers to checklogin.php, at checklogin we perform the login checks and then redirect to overview.php.

 

Now, what I want to accomplish is that when users get referred to the login by trying to access a page on the server (such as test.php), they get referred to that page again after login. I've seen it done on other sites, and I know a way to implement it here. I'm just trying to find out if there isn't a better/easier way to do this?

 

What I'd do is get the referer, and preg match it for my site's base url; if that's alright, it means the user came from my site, and we can safely redirect to the refererer. If not, he came from somewhere else and I redirect to overview.

 

Any other and better methods?

[Deoctor]

do u want to check if the user comes from a valid site of urs then it should go there or else

it should redirect him to login page..is it correct??

[gevensen]

google  http referer php

for example:

http://www.electrictoolbox.com/php-http-referer-variable/

[cags]

Ok, if I'm understanding what you want. The user will attempt to access home.php, they will get a message saying you must be logged in to view this and get sent to the login page, you want it so that they get sent back to home.php (or whatever page redirected them to login.php). There's a couple of ways to do it, which you choose will depend greatly on your code. The most flexible options would be to set a $_SESSION variable before sending the user to the login page, then if that session variable isset you redirect to that page otherwise you redirect to a 'default' page.

 

 

[freeloader]

@ ym_chaitu

 

That's correct, I want to check if he's coming from the same site. Then redirect him back to the page he was trying to access.

 

@ gevensen

 

Thank you for the kind attempt to help, but I think you misunderstood my question. I know how to handle refererer

 

@  cags

 

Thank you for that input, that's indeed a good option. The only problem is that I had this script for a while and was dumb enough to not code it with headers and footers... meaning I'd have to change all pages for that. I thought about redirecting that way (or a comparable GET method) before as well.

 

If you think that's the best way to do this, I'll go ahead and do it, it's quite a lot of pages though...

[citricsquid]

The simplest solution is to have the login page (one with the input form) add the referrer to their session, you don't need to store the referrer on every page, only the login. You'd have to add exceptions for no login and external sites though.

[freeloader]

Solution so far, based on your input:

 

top of index.php:

<?php
/**** Set refererer ****/
session_start();
$_SESSION["refer"] = $_SERVER['HTTP_REFERER'];
?>

 

checklogin.php:

$domain = parse_url($_SESSION["refer"]);
$domain = str_replace("www.", "", $domain['host']);
$host = str_replace("www.", "", $_SERVER['HTTP_HOST']);

if($domain == $host) {
header("location:".$_SESSION["refer"]);
}
else{
header("location:overview.php");
}

 

Only thing I lack in this code is when I'm not logged in and I go to a specific page, I get redirected to login but it won't store referer in that case and thus will not bring me to my originally preferred page.