monkeytooth Posted June 16, 2011 Share Posted June 16, 2011 I am wondering whats the best way to "remember" the last page someone was attempting to access. Lets say I have a members based site. And someone goes directly to an area thats public but requires login. I have the login page independent of the page they land on. So I guess curiously speaking whats the best way to approach and or handle that? Link to comment https://forums.phpfreaks.com/topic/239587-remembering-the-last-page/ Share on other sites More sharing options...
.josh Posted June 16, 2011 Share Posted June 16, 2011 $_SERVER['HTTP_REFERER'] or you can store the current location in a session variable Link to comment https://forums.phpfreaks.com/topic/239587-remembering-the-last-page/#findComment-1230748 Share on other sites More sharing options...
redixx Posted June 16, 2011 Share Posted June 16, 2011 One way is to have a hidden input in your login form, with the value of $_SERVER['HTTP_REFERER']. Then after you process the login just do a header() location or refresh to the hidden form value. But, HTTP_REFERER can be easily spoofed so it's not necessarily very trustworthy. If you want something more reliable you'll have to save the current page in a session, like crayon said. Link to comment https://forums.phpfreaks.com/topic/239587-remembering-the-last-page/#findComment-1230750 Share on other sites More sharing options...
.josh Posted June 16, 2011 Share Posted June 16, 2011 One way is to have a hidden input in your login form, with the value of $_SERVER['HTTP_REFERER']. Then after you process the login just do a header() location or refresh to the hidden form value. But, HTTP_REFERER can be easily spoofed so it's not necessarily very trustworthy. If you want something more reliable you'll have to save the current page in a session, like crayon said. And altering a hidden input field is even easier to spoof than HTTP_REFERER. And also, if you go the hidden field route, you wouldn't be popping it with HTTP_REFERER, but of the current page url. But anyways, we're talking about redirecting user to the page they were trying to get to when logging in, low probability someone would actually try to spoof something like that. Link to comment https://forums.phpfreaks.com/topic/239587-remembering-the-last-page/#findComment-1230795 Share on other sites More sharing options...
redixx Posted June 16, 2011 Share Posted June 16, 2011 One way is to have a hidden input in your login form, with the value of $_SERVER['HTTP_REFERER']. Then after you process the login just do a header() location or refresh to the hidden form value. But, HTTP_REFERER can be easily spoofed so it's not necessarily very trustworthy. If you want something more reliable you'll have to save the current page in a session, like crayon said. And also, if you go the hidden field route, you wouldn't be popping it with HTTP_REFERER, but of the current page url. It depends how it is set up. If you go to example.com/admin and it says you need to login, and redirects you to example.com/login, then after you logged in it would redirect you back to example.com/login. If you set the referer to HTTP_REFERER, IE: example.com/admin, that is where you would get redirected. You would only set it to the current page if the login form was on the page you wanted to redirect to. I only said to use a hidden input form because of the above scenario. You can only go back one page, after all. Using HTTP_REFERER at all may not give reliable results. Link to comment https://forums.phpfreaks.com/topic/239587-remembering-the-last-page/#findComment-1230836 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.