Log-Out Behavior??

[doubledee]

When Users navigate pages containing content, I store the page in...

// Set current Script Name.
$_SESSION['returnToPage'] = $_SERVER['SCRIPT_NAME'];

 

While testing, I just noticed behavior I didn't account for and could use some advice...

 

If you are logged in and on the page "Postage Meters Can Save You Money", and you click "Log Out", when you log back in, where should you be directed??

 

1.) Last page you were on (i.e. "Postage Meters Can Save You Money")??

2.) index.php ??

 

 

I would say #2, because if I "Log Out", then when I come back later and "Log In", I probably won't care where I was last.  (Versus if I am on "Page B" and I log in, then I want to immediately return to "Page B".  But that is a different scenario.)

 

What do you think?

 

It is a minor, but interesting point?!

 

 

 

Debbie

 

 

[litebearer]

presuming logout destroyed session ...

 

for 1. you would need to keep some record of what page they were last on prior to logout; therein making the presumption that is the page the user wants to return to upon login.

 

for 2. all logins should, for consistency in users mind, always lead to 1 certain page (MY VOTE)

[spiderwell]

i would go for 2 )

 

 

 

[darkfreaks]

if you use $_SESSION for your login script please PLEASE try to avoid session hijacking!!! please make sure the sessions are isset beforehand. and provides abit of extra security by md5 the $_SESSION according to the PHP Consortium which you can read here http://phpsec.org/projects/guide/4.html