SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Addict
    Join Date
    Oct 2004
    Location
    NYC
    Posts
    306
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Clicking on a url, but Session is not set so login page loads, how is this done?

    Hello,

    I was wondering how can I do this. Lets say, I click on a link or paste a link trying to load that page but the session nor the session variable is set so the link takes the user to the login page, and user logs in, but now user is taken to whatever the default page might be instead of the page the user was trying to get to.

    How can I make sure that the user is taken to the requested page instead default page after logging in.

    Thanks.

  2. #2
    SitePoint Enthusiast mrsmiley's Avatar
    Join Date
    Jul 2004
    Location
    Melbourne
    Posts
    96
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    If the session doesn't exist prior to them logging in, then you need to store a cookie client side with the url they were trying to hit, then after loggin in, send them to the link in the cookie instead of the default one. If the cookie doesn't exist, its a normal user.

    The biggest issue is you need to make sure the link is "safe" first. Don't redirect them to a page that does something. eg. executes a save or delete command. Also have to make sure if you have internal security on each page, that you respect that as well before redirecting.

  3. #3
    SitePoint Addict
    Join Date
    Oct 2004
    Location
    NYC
    Posts
    306
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Hey mrsmiley

    Thanks a lot for your reply. So does it mean it cannot be done if the cookies are disabled? And how does one make sure the link is safe? Like on sitepoint, if I want to add a post and am not logged in then it takes me to login and once logged in then I am routed to add post page. Is it difficult to do, or it has security concerns and not recommended?

    Thanks.

  4. #4
    SitePoint Evangelist mrwooster's Avatar
    Join Date
    Jan 2006
    Posts
    518
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You could also store the page in a session.

    You could have something like this:

    PHP Code:
    <?php
    $pagename 
    "/forum/reply.php";
    $safe true;

    if(!
    $_SESSION['login']) {
    $_SESSION['pagename'] = $pagename;
    $_SESSION['safe'] = $safe;
    // Redirect to login page
    } else {

    // User has logged in
    }
    ?>

    // ========================================

    <?php
    // Login page

    // Do login process

    if($_SESSION['safe']) {
    // Rdirect to $_SESSION['pagename']
    } else {
    // Page not sage so redirect to default page
    }
    ?>
    Hope this helps

    Guy


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •