Jump to content

[SOLVED] Referring page after login

tqla

By tqla
in PHP Coding Help

 Share

Recommended Posts

tqla Advanced Member

tqla

Posted
Posted

Hello. I am using Dreamweaver's built in authorization code (with modifications to make it actually work) and php5 and I would like the user to go back to the referring page after they login. In other words, a user will read a webpage that says "read more". When they click that it will take them to that page but if they are not already logged in they will go to the login page first. After they log in I need them to be taken to the page that they were headed to. Right now it's taking them to the "  $MM_redirectLoginSuccess = "memberarea.php"; page.

 

Here's the code at the top of the restricted page (the one that they will try to read but if not logged in they will go to the login page)

 

<?php
session_start();
$MM_authorizedUsers = "member,admin";
$MM_donotCheckaccess = "false";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 
  // For security, start by assuming the visitor is NOT authorized. 
  $isValid = False; 

  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 
  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 
  if (!empty($UserName)) { 
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 
    // Parse the strings into arrays. 
    $arrUsers = Explode(",", $strUsers); 
    $arrGroups = Explode(",", $strGroups); 
    if (in_array($UserName, $arrUsers)) { 
      $isValid = true; 
    } 
    // Or, you may restrict access to only certain users based on their username. 
    if (in_array($UserGroup, $arrGroups)) { 
      $isValid = true; 
    } 
    if (($strUsers == "") && false) { 
      $isValid = true; 
    } 
  } 
  return $isValid; 
}

$MM_restrictGoTo = "login.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   
  $MM_qsChar = "?";
  $MM_referrer = $_SERVER['PHP_SELF'];
  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
  if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) 
  $MM_referrer .= "?" . $QUERY_STRING;
  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
  header("Location: ". $MM_restrictGoTo); 
  exit;
}
?>

 

 

Here is the code at the login page. I need this login page to send them to the above page after successfully loggin in. Right now it doesn't. It's currently sending them to the l

$MM_redirectLoginSuccess = "memberarea.php";.

 

<?php require_once('Connections/Auth.php'); ?>
<?php
  session_start();  

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
  $_SESSION['PrevUrl'] = $accesscheck;
  session_register('PrevUrl');
}

if (isset($_POST['fusername'])) {
  $loginUsername=$_POST['fusername'];
  $password=$_POST['fpassword'];
  $MM_fldUserAuthorization = "status";
  $MM_redirectLoginSuccess = "memberarea.php";
  $MM_redirectLoginFailed = "login.php";
  $MM_redirecttoReferrer = true;
  mysql_select_db($database_Auth, $Auth);
  	
  $LoginRS__query=sprintf("SELECT loginName, password, status FROM Member WHERE loginName='%s' AND password='%s'",
  get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); 
   
  $LoginRS = mysql_query($LoginRS__query, $Auth) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
    
    $loginStrGroup  = mysql_result($LoginRS,0,'status');
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;      

    if (isset($_SESSION['PrevUrl']) && true) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>

 

I've scoured the internet and this forum and found that others have experienced this issue but I've found no answers. Please help. Thanks!

Link to comment
Share on other sites
kael.shipman Member

kael.shipman

Posted
Posted

What I usually do is just tack the current url onto the query string for login.php (i.e. $MM_restrictGoTo = "login.php?return=".$_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING']; ). Then on your login page, test for $_GET['return']. If it's set, use it; if not, use a default return page. Note that to pass a URL with a query string in a query string, you'll need to escape all the ampersands and such so it doesn't parse out as part of the current URL. I made a special function for this, but I think there's one that's built-in (I don't remember why I didn't use it, but I had a reason).

 

<?php
//Login.php

...
//User checks out - proceed to page
$url = 'memberArea.php';
if ($_GET['return']) {
$url = $_GET['return'];
}

header('Location: '.$url);
exit;
?>

Link to comment
Share on other sites
tqla Advanced Member

tqla

Posted
  • Author
Posted

Thanks Kael. I think I understand the first part. But where on my login script would I put the

 

<?php
//Login.php

...
//User checks out - proceed to page
$url = 'memberArea.php';
if ($_GET['return']) {
$url = $_GET['return'];
}

header('Location: '.$url);
exit;
?>

Link to comment
Share on other sites
kael.shipman Member

kael.shipman

Posted
Posted

Your login script should look something like this:

 

<?php
//url: www.yoursite.com/login.php?return=%2FreferringPage.php%3FgetVar1%3Dvalue1%26amp%3BgetVar2%3Dvalue2
//All the %## symbols are the hex values for "/" (%2F), "?" (%3F), "=" (%3D), "&" (%26), and ";" (%3B)
//You need those so the return URL doesn't become part of the current executing url

$_POST['uname'];
$_POST['password'];

if (is_user($_POST['uname'],$_POST['password']) == true) { //user-defined function to test validity of user. I recommend further precautionary measures, though.
     $_SESSION['userName'] = $_POST['uname'];
     $_SESSION['password'] = $_POST['password'];
     $returnUrl = 'myAccountHomepage.php'; //Define default return page in case the user linked directly to the login page
     if ($_GET['return']) { //If the return variable is set, use that instead
          $returnUrl = decode($_GET['return']); //Replace all the encoded characters with the originals
     }
     header('Location: '.$returnUrl);
     exit;
}
?>

 

By the way, you could probably also use the $_SERVER['REFERRER'] auto-global, but make sure that you still define a default in case there's no referrer. Also, be sure that the url in that referrer variable is on your domain (i.e., that someone didn't find a link in a search engine or something).

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.