coppens Posted August 10, 2015 Share Posted August 10, 2015 (edited) I am having trouble with the coding to return the user to the previous page after submitting a form. I understand that it is usually better to create a direct link to the previous page, however there are four entrances to this page and I would like the user to return to their previous page upon submitting. I have listed the code below and I think my problem lies in line 112 or there about. Thank you so much. <?php session_start(); ?> <?php require_once('../Connections/Connect.php'); ?> <?php if (!isset($_SESSION)) { session_start(); } $MM_authorizedUsers = "1,2"; $MM_donotCheckaccess = "false"; // *** Restrict Access To Page: Grant or deny access to this page function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { // For security, start by assuming the visitor is NOT authorized. $isValid = False; // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. // Therefore, we know that a user is NOT logged in if that Session variable is blank. if (!empty($UserName)) { // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. // Parse the strings into arrays. $arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); if (in_array($UserName, $arrUsers)) { $isValid = true; } // Or, you may restrict access to only certain users based on their username. if (in_array($UserGroup, $arrGroups)) { $isValid = true; } if (($strUsers == "") && false) { $isValid = true; } } return $isValid; } $MM_restrictGoTo = "AnitasAnimalArk/AnimalArk.php"; if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_SELF']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) $MM_referrer .= "?" . $_SERVER['QUERY_STRING']; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); exit; } ?> <?php if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { if (PHP_VERSION < 6) { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; } $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? doubleval($theValue) : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) { $insertSQL = sprintf("INSERT INTO postshift (UserID, ShiftDay, ShiftDate, ShiftMonth, ShiftYear, ShiftStartHour, ShiftStartMin, ShiftStartTime, ShiftEndHour, ShiftEndMin, ShiftEndTime, ChildcareCentre, Address, City, Telephone, EmployeeFirstName, EmployeeLastName, `Position`, EmailEmployee, EmailCentre, Comments) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['UserID'], "int"), GetSQLValueString($_POST['ShiftDay'], "text"), GetSQLValueString($_POST['ShiftDate'], "text"), GetSQLValueString($_POST['ShiftMonth'], "text"), GetSQLValueString($_POST['ShiftYear'], "int"), GetSQLValueString($_POST['ShiftStartHour'], "int"), GetSQLValueString($_POST['ShiftStartMin'], "int"), GetSQLValueString($_POST['ShiftStartTime'], "text"), GetSQLValueString($_POST['ShiftEndHour'], "int"), GetSQLValueString($_POST['ShiftEndMin'], "int"), GetSQLValueString($_POST['ShiftEndTime'], "text"), GetSQLValueString($_POST['ChildcareName'], "text"), GetSQLValueString($_POST['ChildcareAddress'], "text"), GetSQLValueString($_POST['ChildcareCity'], "text"), GetSQLValueString($_POST['ChildcareTelephone'], "int"), GetSQLValueString($_POST['EmployeeFirstName'], "text"), GetSQLValueString($_POST['EmployeeLastName'], "text"), GetSQLValueString($_POST['Position2'], "text"), GetSQLValueString($_POST['EmployeeUserEmail'], "text"), GetSQLValueString($_POST['ChildcareEmail'], "text"), GetSQLValueString($_POST['Comments'], "text")); mysql_select_db($database_Connect, $Connect); $Result1 = mysql_query($insertSQL, $Connect) or die(mysql_error()); $insertGoTo = "HTTP_REFERER"; if (isset($_SERVER["HTTP_REFERER"])) { header("Location: " . $_SERVER["HTTP_REFERER"]); } header(sprintf("Location: %s", $insertGoTo)); } mysql_select_db($database_Connect, $Connect); $query_PostShift = "SELECT * FROM postshift"; $PostShift = mysql_query($query_PostShift, $Connect) or die(mysql_error()); $row_PostShift = mysql_fetch_assoc($PostShift); $totalRows_PostShift = mysql_num_rows($PostShift); $query_PostShift = "SELECT * FROM postshift"; $PostShift = mysql_query($query_PostShift, $Connect) or die(mysql_error()); $row_PostShift = mysql_fetch_assoc($PostShift); $totalRows_PostShift = mysql_num_rows($PostShift); $query_PostShift = "SELECT * FROM postshift"; $PostShift = mysql_query($query_PostShift, $Connect) or die(mysql_error()); $row_PostShift = mysql_fetch_assoc($PostShift); $totalRows_PostShift = mysql_num_rows($PostShift); $query_PostShift = "SELECT * FROM postshift"; $PostShift = mysql_query($query_PostShift, $Connect) or die(mysql_error()); $row_PostShift = mysql_fetch_assoc($PostShift); $totalRows_PostShift = mysql_num_rows($PostShift); $colname_Users = "-1"; if (isset($_SESSION['MM_Username'])) { $colname_Users = $_SESSION['MM_Username']; } mysql_select_db($database_Connect, $Connect); $query_Users = sprintf("SELECT * FROM users WHERE UserName = %s", GetSQLValueString($colname_Users, "text")); $Users = mysql_query($query_Users, $Connect) or die(mysql_error()); $row_Users = mysql_fetch_assoc($Users); $totalRows_Users = mysql_num_rows($Users); $colname_Childcare = "-1"; if (isset($_SESSION['MM_Username'])) { $colname_Childcare = $_SESSION['MM_Username']; } mysql_select_db($database_Connect, $Connect); $query_Childcare = sprintf("SELECT * FROM users INNER JOIN childcareinfo ON users.ChildcareID = childcareinfo.ChildcareID WHERE users.UserName = %s", GetSQLValueString($colname_Childcare, "text")); $Childcare = mysql_query($query_Childcare, $Connect) or die(mysql_error()); $row_Childcare = mysql_fetch_assoc($Childcare); $totalRows_Childcare = mysql_num_rows($Childcare); ?> Edited August 10, 2015 by Ch0cu3r added code tags Quote Link to comment Share on other sites More sharing options...
QuickOldCar Posted August 11, 2015 Share Posted August 11, 2015 (edited) I am having trouble with the coding to return the user to the previous page after submitting a form. That location is the form itself. You are using POST in your form and checking for POST values as well, if you wanted to pass additional parameters and values into the url need to use GET $editFormAction = $_SERVER['PHP_SELF'];//bad idea to use this if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); //you won't get a query string with form values because using POST for the form, need to use GET if want to pass these into the url } see all this? $insertGoTo = "HTTP_REFERER"; //should be $_SERVER['HTTP_REFERER'] if (isset($_SERVER["HTTP_REFERER"])) { //it's always going to be set, what it returns is another story header("Location: " . $_SERVER["HTTP_REFERER"]); exit; //always use exit after a header redirect } //header(sprintf("Location: %s", $insertGoTo)); //don't need this, would do the same as the above check, concatenation is done with a decimal point not a comma } Since you already check post variables from the form all you need to do is redirect from their referer location (in your case this would be the original form) This is a simple example how to handle a header redirect to it's previous location. I added a check to see if came from your domain, if not would redirect them to the main page if ($_SERVER['SERVER_NAME'] == @parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST )) { $insertGoTo = $_SERVER["HTTP_REFERER"]; }else{ $insertGoTo = "http://" . $_SERVER['SERVER_NAME']; } header("Location: " . $insertGoTo); exit; If you wanted to continue doing the rest of your code after this move this header redirect lower Edit: I wanted to add this code would work fine because of the check for POST values, be sure not to cause an infinite loop with redirects when using header() Edited August 11, 2015 by QuickOldCar Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.