PHP redirect

NightmareXX

I am using a PHP secure login script type thing and the problem i have is that e.g.

you visit main.php and because your not logged in, it comes up with "access denied". The code then redirects you to the login page and you login. The problem then arises that it doesn't redirect you back to the page you tried to access and instead puts you to admin/index.php.
What i want it to do is, after logging in, redirect you back to the page that you first tried to access.

Hope i made that clear, NightmareXX

Kudose

You need to get the URL the user is redirected from to the authentication page. Store that URL in a session. After you authenticate the user, redirect them using [man]header[/man] with the location as the stored session value.

Hope that makes sense.

NightmareXX

That made perfect sense to me as my dad makes his own asp forums so i know what that all meant. The problem for me is writing that code. I have never used PHP before so i don't know what all the code would be for that. Is it pre-written anywhere? and would it be easy to write?

So e.g.

<?php
header("Location: " . $redirpage);
exit;
?>

refaris

you could also pass the location without using a session variable, but by using a GET variable. put the location to redirect them to in the url

Kudose

But then what if I decided to put whatever directory I wanted (i.e. /etc/) in the URL and view it.

NightmareXX

Well, sticking with the idea that Kudose suggested, how do i write the code for that?

I have no experience with coding PHP as i only started last night lol.

refaris

very similarly to the way you assumed;

in your main.php file, wherever it detects whether the user is logged in or not, put something like this

<?php

if($logged_in == false){

header("Location:login.php?location=main.php");

}

then in your login page after it authenticates, have something like this

$location = $_GET[location];

if($location != ""){

header("Location:" . $location);

}

good luck

NightmareXX

$location = $_GET[location];

if($location != ""){

header("Location:" . $location);

}

I put that code in where you suggested but now it generates 2 errors:

Notice: Use of undefined constant location - assumed 'location' in C:\PHP_Files\v_auth\securepage.php on line 20

Notice: Undefined index: location in C:\PHP_Files\v_auth\securepage.php on line 20

I hadn't changed any of the code.

Kudose

Should be:

$_GET['location']; //instead of $_GET[location]

//and

header("Location: ".$location);
//added an extra space after the word location.

NightmareXX

The '' around the location for rid of one of the errors but im still getting the

Notice: Undefined index: location in C:\PHP_Files\v_auth\securepage.php on line 20

error. Im guessing that it means that it doesn't know what the string $location is?

Weedpacket

I don't see you checking that $_GET['location'] exists at all (with, e.g., [man]empty[/man]). If it is supposd to be there then what is the complete URL you're requesting?