Jump to content

$_SERVER['HTTP-REFERRER']

jonahpup

By jonahpup
in PHP Coding Help

 Share

Recommended Posts

jonahpup Newbie

jonahpup

Posted
Posted

Hi,

 

I have a login script that is working great, except for one little bit... Once the user is logged in, I want to give them the option of returning to the page they came from... However, when the user is logged in, and they click on the return to previous page link, they are taken back to the login page they just filled in... how do I get around this??

 

Here is my code!

<?php
ob_start();

include("config.php"); 

$pass = md5($_POST['password']);

// connect to the mysql server 
$link = mysql_connect($server, $db_user, $db_pass) 
or die ("Could not connect to mysql because ".mysql_error()); 

// select the database
mysql_select_db($database) 
or die ("Could not select database because ".mysql_error()); 

$match = "select id from $table where username = '".$_POST['username']."' 
and password = '$pass';"; 

// Gather referrer info
$ref = $_SERVER['HTTP_REFERER'];

$qry = mysql_query($match) 
or die ("Could not match data because ".mysql_error()); 
$num_rows = mysql_num_rows($qry); 

if ($num_rows <= 0) { 
echo "Sorry, there is no username or password with: <strong>".$_POST['username']."</strong><br>"; 
echo "<a href=login.html>Try again</a>"; 
exit;

} else { 

setcookie("loggedin", "".$_POST['username']."", time()+(3600));
setcookie("username", "".$_POST['username']."", time()+(3600));
echo "Welcome: <strong>".$_POST['username']."</strong><br>"; 
echo "Return to the <a href=$ref>previous</a> page."; 
}
ob_end_flush();
?>

Link to comment
Share on other sites
Caesar Newbie

Caesar

Posted
Posted

Somewhere on the login page, you define the session variable...

 

<?php

  session_start();

  $_SESSION['referer'] = $_SERVER['HTTP_REFERER'];

  //YOUR OTHER CODE HERE//

?>

 

Then in any other page you call that value up like so...

 

<?php

  session_start();

  $refurl = $_SESSION['referer'];

?>

 

You can also use a cookie to do this.

 

Of course you'll want to add functionality to check the refering url and whatnot...some cleansing and finessing of it all. But that is the basics of it.

Link to comment
Share on other sites
jonahpup Newbie

jonahpup

Posted
  • Author
Posted

thanks caesar... same thing is still happening tho...

 

basically what it is doing is:

  I goto newpage.php

  I am told that I need to login... so I click the "login" anchor which takes me to login.php

  I then enter my username and password, and click Login...

  I am then being taken back to login.php instead of newpage.php

 

I need it so that I am taken back to newpage.php (or whatever page I have come from)...

 

 

Link to comment
Share on other sites
jonahpup Newbie

jonahpup

Posted
  • Author
Posted

Ok

 

 

//This is test.php the page I initially goto.  If I am logged in, I am shown the page... if not I am shown a message saying I must log in

<?php
$username = $_COOKIE['loggedin'];
if (!isset($_COOKIE['loggedin'])) die("You are not logged in, <a href=login.php>click here</a> to login.");
echo "You are logged in $username";
?>

<html>
<head>
</head>
<body>
<h2>This is a test page.</h2>
<p>If you see this text, you are currently logged in.</p>
<p><a href="logout.php">Click here to log out</a></p>
</body>
</html>

 

// This is login.php - the page users are sent to to enter their login details.

// Once username and password has been checked and is correct, I want the user to be able to go back to the page they came from... in this case test.php

<?php

session_start();
$_SESSION['referer'] = $_SERVER['HTTP_REFERER'];
$ref = $_SESSION['referer'];

ob_start();

include("config.php"); 

$pass = md5($_POST['password']);

// connect to the mysql server 
$link = mysql_connect($server, $db_user, $db_pass) 
or die ("Could not connect to mysql because ".mysql_error()); 

// select the database
mysql_select_db($database) 
or die ("Could not select database because ".mysql_error()); 

$match = "select id from $table where username = '".$_POST['username']."' 
and password = '$pass';"; 

$qry = mysql_query($match) 
or die ("Could not match data because ".mysql_error()); 
$num_rows = mysql_num_rows($qry); 

if ($num_rows <= 0) { 
echo "Sorry, there is no username or password with: <strong>".$_POST['username']."</strong><br>"; 
echo "<a href=login.html>Try again</a>"; 
exit;

} else { 

setcookie("loggedin", "".$_POST['username']."", time()+(3600));
setcookie("username", "".$_POST['username']."", time()+(3600));
echo "Welcome: <strong>".$_POST['username']."</strong><br>"; 
echo "Return to the <a href=$ref>previous</a> page."; 

}
ob_end_flush();
?>

 

 

Link to comment
Share on other sites
saf Newbie

saf

Posted
Posted

If the login form is also on the login.php page then this is what is happening:

1. You reach login.php from test.php and the HTTP_REFFERER is set to text.php

2. You fill out the form and submit it to login.php

3. This time arround the code segment is called again and HTTP_REFFERER is set to login.php, thus you are going back to login.php once the script is executed.

 

 

Solution:

Change this ->

$_SESSION['referer'] = $_SERVER['HTTP_REFERER'];
$ref = $_SESSION['referer'];

to this ->

if($_SERVER['HTTP_REFERER']!="http://yoursite.com/login.php"){
    $_SESSION['referer'] = $_SERVER['HTTP_REFERER'];
    $ref = $_SESSION['referer'];
}

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.