» PHP: Returning a user to their original page after login
PHP: Returning a user to their original page after login
|December 31, 2009
Posted by forumadmin
Are there any ‘best practices’ concerning how one should return a user to their original page after logging in to your website, specifically in PHP? e.g. if I’m viewing a StackOverflow question while not logged in, how would you ensure that I return to this question if I logged in?
From my research, it seems a lot of advice centers around the $_SERVER['HTTP_REFERER'] variable. Basically, you take note of the referer and store it in the session, then redirect back to that page when you’re done.
The problem with this is that HTTP_REFERER is unreliable at best.
This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted.
Any edits to the referer to redirect to other areas of the site will be handled by routine permissions checks. If the referer gets blanked out, it might be acceptable to simply redirect the user to the main page of the site rather than the page they came from. This seems needlessly user hostile though, and I was hoping there would be some better way to handle this.
More Related Questions
- Best way to handle re-registration for applications Maybe this question is better suited to UX or applications, however it has a cetain level of security aspects as well.
I'm working on a registration process for a sign-up process. When a […]
- PHP – Not redirecting of varible is true I am trying to make a password protected page. When you enter the correctly it should redirect you to the previous page. But the problem I'm having is when you enter the password correctly […]
- Redirect user to another page after login auth and if statement with PHP PDO I am trying to redirect the user to another page when login is successful and $_SESSION[ 'logged_in' ] = true;
However, current code doesn't seem to be working for whatever, everything […]
So now she is on page http://mysite/a.php and referer is set to http://blog
Now there is […]
- Redirect landing page to login page if not logged in (tanyacms) It's my first question in Stack. I hope to be helped out.
I am working on a Q&A portal for my country. I am using Tanya CMS, it's pretty good.
But I want visitors to land in log in […]
- Will a 302 redirect maintain the referer string? I need to redirect the user from one page to another, but I need to maintain the original referer string. So, for example, if they start out on http://www.othersite.com/pageA.jsp, click a […]
- Joomla 3 Guests Redirect So I have few articles in my menu which are for registered users only. I want them to be visible for everyone but if the user is not logged-in once he clicks on the menu I want him get […]
- Get original URL referer with PHP? I am using $_SERVER['HTTP_REFERER']; to get the referer Url. It works as expected until the user clicks another page and the referer changes to the last page.
How do I store the original […]
- php/html – http_referer I am creating a website and on one particular page, am wanting to send the user back to the previous page. I am fairly new to PHP/HTML and have been using some existing code for ideas and […]
- Determining Referer in PHP What is the most reliable and secure way to determine what page either sent, or called (via AJAX), the current page. I don't want to use the $_SERVER['HTTP_REFERER'], because of the […]