Redirecting to previous page after login using HTTP_REFERER

  • (2 Pages)
  • +
  • 1
  • 2

26 Replies - 1446 Views - Last Post: 04 April 2013 - 08:57 AM Rate Topic: -----

#1 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Redirecting to previous page after login using HTTP_REFERER

Posted 24 March 2013 - 07:48 AM

OK, so I am back with another question. I understand that the code written in the fourth code snippet is outdated, deprecated, poorly written, and essentially plain crap. But, the code I have written is exactly how my PHP instructor taught us. Now I understand, after scouring the internet and posting here with other issues, that his coding techniques are extremely outdated and not secure at all. That being said it's all I know so it's all I have to go off of. So, please refrain from judging me.

I am now looking to redirect a user back to the page they were on when they clicked on the "Log In" link. Sounds easy enough, but once again, the code I am working off of is nowhere to be found on the internet, so I cannot even get a relevant sample to look at.

I've read about the HTTP_REFERER and understand this too is not very secure but the other methods I've researched are way too complex and I would have to completely rewrite all of the code I have here so far. (I know, that would be a great starting point!)

Now, the closest example I could find to my code in order to use the HTTP_REFERER shows this code replacing the code I have on lines 71 - 79. I would change the variable names to the ones I am using.
if($user==FALSE)
     {
	$Password = null;
	showForm('Invalid log in information.');
	exit();
     }
if($user == TRUE){
	$UserName = $user['USER_NAME'];
	$Password = $user['USER_PASSWORD'];
	$_SESSION['validUser'] = $UserName;
		if(isset($_POST['returnTo'])){
			$return = $_POST['returnTo'];
			header('Location:'.$return);
		}
}


And then this code being inserted on line 130, which I have left blank for the moment. I would change the variable $returnTo to something more descriptive.
<?php
     if(isset($_SERVER['HTTP_REFERER'])){
          $returnTo = $_SERVER['HTTP_REFERER'];
     }
	  echo "<input type='hidden' name='returnTo' value ='$returnTo'/>";
?>


Then, on the page the user returns to the following code is written.
if(isset($_SESSION['validUser'])){
     $ValidUser = $_SESSION['validUser'];
}

if (isset($_SESSION['validUser'])){?>{

//then change the "Log In" and "Register" links to "Log Out" and "My Profile", plus add a greeting to the user with their name using this code <p>Welcome <?=$ValidUser;?>!</p>


One last thing, I have placed all of this code into my code and it did not work. So, I know I am missing something. What it is I don't know. I'm assuming it is within my lines 4 - 46. Something about those lines (other than the absolute crappy coding format) is not quite right.
Is there a way to make this code work? Or, is there an easier method to do what I am trying?? Once again, any, and all, help would be greatly appreciated.

Here is the code as it is now.
<?php
session_start();

if (!isset($_SESSION['ValidLogIn'])){

     //if username and password are empty display welcome message
     if(empty($_POST['txtUserName']))  if(empty($_POST['txtPassword'])) 
        {
            showForm('Welcome to Wiscon');
            exit();
        }

     //validate text was entered in UserName text box
     if(empty($_POST['txtUserName']))  if(isset($_POST['btnSubmit']))
        {
        showForm('Please Enter A User Name');
        exit();
        }
    else
        {
            $UserName = $_POST['txtUserName'];
        }

     //validate text was entered in password text box
     if(empty($_POST['txtPassword']))  if(isset($_POST['btnSubmit']))
       {
           showForm('Please Enter A Valid Password');
           exit();
       }
       else
      {
          $Password = $_POST['txtPassword'];
      }

     $UserName = $_POST['txtUserName'];
     $Password = $_POST['txtPassword'];

     //validate username and password match
     if($Password != Password($UserName)) if(isset($_POST['btnSubmit']))
      {
          showForm('User Name And Password Do Not Match!');
          exit();
      }

     $_SESSION['ValidLogIn'] = $UserName;
}

function Password($UserName)
{
     //database login
        $dsn = 'mysql:host=XXX;dbname=XXX';
        $username='XXX';
        $password='XXX';

     //variable for errors
        $options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);

     //try to run code
        try {

     //object to open database
        $db = new PDO($dsn,$username,$password, $options);

     //check username against password
        $SQL = $db->prepare("Select * FROM user WHERE user_name = :UserName and user_password = :UserPassword");
        $SQL->bindValue(':UserName', $UserName);
        $SQL->bindValue(':UserPassword', $UserPassword);
        $SQL->execute();
        $username = $SQL->fetch();

  if($username === false)
       {
           $password = null;
       }
   else
       {
           $password = $username['USER_PASSWORD'];
           include 'index.php';
       }

   return $password;
   $SQL->closeCursor();
   $db = null;

   } catch(PDOException $e){
       $error_message = $e->getMessage();
       echo("<p>Database Error: $error_message</p>");
       exit();
   }
}

function showForm($formMessage = "Welcome.")
{?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Log In</title>
<link rel="stylesheet" href="styles/default-styles.css" type="text/css" />
<link rel="stylesheet" href="styles/FormStyle.css" type="text/css" />
<script type="text/javascript" src="js/validateLogInForm.js/validateLogInForm.js">        </script>
</head>

<body id="logPage">
<div id="wrapper">

   <?php include('includes/header.php'); ?>
   <?php include('includes/topNavigation.php'); ?>

   <div id="mainContent">
       <div class="formDiv">
           <form name="registerForm" id="registerForm" action="" method="post">
            <?php if ($formMessage !="") echo "<h2 style=\"color:#FF0000; text-align: center\">".$formMessage."</h2>"; ?>
               <h1 style="color:#FF530D; text-align: center">Log into your account here!</h1>

               <fieldset id="security">
                   <legend>Security</legend>
                   <label for="txtUserName" class="boxLabel">User Name:</label>
                   <input type="text" id="txtUserName" name="txtUserName" autofocus="autofocus" required="required" />
                   <script type="text/javascript">
                       if(!("autofocus" in document.createElement("input")))
                       {
                           setTimeout(function(){
                               document.getElementById("txtUserName").focus();
                           }, 10);
                       }
                       </script>
                   <label for="txtPassword" class="boxLabel">Password:</label>
                   <input type="password" id="txtPassword" name="txtPassword" required="required" />
                  
               </fieldset>

               <fieldset id="submission">
                   <div id="buttons">
                       <input type="submit" id="btnSubmit" name="btnSubmit" value="Submit" onclick="return validateLogInForm()"/>
                       <input type="reset" id="btnReset" name="btnReset" >
                   </div><!--end buttons-->
               </fieldset>
</p>
           </form>
       </div><!--end div class=formDiv-->
   </div><!--end div id=mainContent-->

   <?php include('includes/footer.php'); ?>

</div><!--end div id=wrapper-->
</body>
</html>
<?php
}
?>



Is This A Good Question/Topic? 0
  • +

Replies To: Redirecting to previous page after login using HTTP_REFERER

#2 andrewsw  Icon User is online

  • Fire giant boob nipple gun!
  • member icon

Reputation: 3473
  • View blog
  • Posts: 11,789
  • Joined: 12-December 12

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 24 March 2013 - 09:00 AM

Make good use of echo() or print_r() etc to check for correct values:

print_r($_SERVER['HTTP_REFERER']);

You should View the Source for your page to read this information correctly. Is it correctly formed?

An alternative approach is just to go back a page:

header("location:javascript://history.go(-1)");

Yet another approach is either to redirect to a specific page, or let the user decide if he wants to go back :). Although, I appreciate the convenience myself if the web-site is able to direct me back to where I was.

This post has been edited by andrewsw: 24 March 2013 - 09:02 AM

Was This Post Helpful? 0
  • +
  • -

#3 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 24 March 2013 - 12:52 PM

I too appreciate the convenience of having the web-site take me back to where I was.

I've removed all the additional code I found online from my pages and am now just working strictly off of the code presented in the last code box. I'm going to try and do this using the most basic method available to me. But, like I stated previously, there are no code examples on how to redirect someone back to the page they came from that even closely resembles the code I have been taught. So, most examples out there I don't see how I can use them within my code.

Is there anyone who can see a method that would work for me using the code I have learned? I understand the code is crap. But, even so, there has to be a way for this to work. All I am asking for is some guidance. Or a tutorial to help me through it (even if that means PMing me). I do not want to be directed to websites that explain how my code is deprecated and how I should use this or that other method. I've already read all of those links. They're too advanced for what I have learned.

This post has been edited by Dormilich: 25 March 2013 - 03:07 AM

Was This Post Helpful? 0
  • +
  • -

#4 andrewsw  Icon User is online

  • Fire giant boob nipple gun!
  • member icon

Reputation: 3473
  • View blog
  • Posts: 11,789
  • Joined: 12-December 12

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 24 March 2013 - 01:03 PM

Did you use print_r like I suggested? What did it print for the HTTP_REFERER?

What appears as the value of this input?
echo "<input type='hidden' name='returnTo' value ='$returnTo'/>";

View the source for the page in order to read it.

I'm suggesting your code should work, if HTTP_REFERER is correctly formed, correctly posted, and there are no other errors in your code.

Turn on all error reporting as well by adding the following to the top of your PHP:

error_reporting(E_ALL);
ini_set('display_errors', '1');

Was This Post Helpful? 0
  • +
  • -

#5 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 24 March 2013 - 01:04 PM

I've never used print_r. Is it used the same way as echo()?
Was This Post Helpful? 0
  • +
  • -

#6 DoxramosPS  Icon User is offline

  • D.I.C Head

Reputation: 4
  • View blog
  • Posts: 174
  • Joined: 07-October 12

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 24 March 2013 - 01:07 PM

I know this doesn't quite answer the question, but why don't you use
<meta http-equiv="refresh" content="0">
?

<?php
    		      if(isset($_POST['submitted']))
{
   if($YourFunctionCaller->Login())
   {
        echo '<meta http-equiv="refresh" content="0">';
   }
}


Then inside your form have a hidden field of submitted and give it a value. This way it submits the hidden form value and You'll refresh the page with the login intact.
Was This Post Helpful? 0
  • +
  • -

#7 andrewsw  Icon User is online

  • Fire giant boob nipple gun!
  • member icon

Reputation: 3473
  • View blog
  • Posts: 11,789
  • Joined: 12-December 12

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 24 March 2013 - 01:09 PM

View Posthugoriffic, on 24 March 2013 - 08:04 PM, said:

I've never used print_r. Is it used the same way as echo()?

Erm, did you read the docs? You should be doing this for any function that you come across, or anything else PHP-related.
Was This Post Helpful? 0
  • +
  • -

#8 DoxramosPS  Icon User is offline

  • D.I.C Head

Reputation: 4
  • View blog
  • Posts: 174
  • Joined: 07-October 12

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 24 March 2013 - 01:10 PM

And also; sorry; throw a
elseif(!$YourFunctionCaller->Login())
{
    $YourFunctionCaller->RedirectToURL("invalid_login.php");
}


I can't guarantee the Redirect on invalid; I'm assuming it would work though.
Was This Post Helpful? 0
  • +
  • -

#9 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 24 March 2013 - 01:38 PM

View Postandrewsw, on 24 March 2013 - 09:09 PM, said:

View Posthugoriffic, on 24 March 2013 - 08:04 PM, said:

I've never used print_r. Is it used the same way as echo()?

Erm, did you read the docs? You should be doing this for any function that you come across, or anything else PHP-related.

And that is the issue. My professor has never mentioned print_r so until you mentioned it I hadn't even heard of it. And every time anyone links to PHP.net that is the first time I run across whatever they've sent me to read up on. And to be honest, the way my prof taught PHP class, was to sit down type the code and we essentially just followed along. He didn't really explain it or why we were using it. Just follow the bouncing ball. Monkey see, monkey do. And everywhere I look the code he taught me is crap. No one uses it. Google can't even find examples of any of it no matter how I search for it. He doesn't use a book either.

And I am no longer using the HTTP_REFERER in my code. I removed it and all the code I posted that used this method. If I don't quite understand it then I shouldn't be using it. If someone wants to walk me through the code then I will use it, but until I understand it I won't use it.

I've been taught what essentially comes down to useless crap. It isn't even PHP. Now I am starting to question all my other classes and what they taught in those as well. And the sad part is this isn't a University of Phoenix type of school, it's supposedly a very well respected tech college in all of Wisconsin.

View PostDoxramosPS, on 24 March 2013 - 09:10 PM, said:

And also; sorry; throw a
elseif(!$YourFunctionCaller->Login())
{
    $YourFunctionCaller->RedirectToURL("invalid_login.php");
}


I can't guarantee the Redirect on invalid; I'm assuming it would work though.

Both the code examples you posted are probably very helpful but I don't even understand those. I would have no clue where to even put the code.
Was This Post Helpful? 0
  • +
  • -

#10 andrewsw  Icon User is online

  • Fire giant boob nipple gun!
  • member icon

Reputation: 3473
  • View blog
  • Posts: 11,789
  • Joined: 12-December 12

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 24 March 2013 - 01:53 PM

What makes you think the code is so bad? It look alright to me and, in fact, is more modern than most other scripts we come across. At least it uses the recommended PDO library, and prepared statements, which are huge plus points.

These statements:
if(empty($_POST['txtUserName']))  if(empty($_POST['txtPassword']))

are poorly formed though, and should be:

if(empty($_POST['txtUserName']) && empty($_POST['txtPassword']))

Was This Post Helpful? 0
  • +
  • -

#11 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 24 March 2013 - 02:27 PM

I can't believe I missed the if statements structure. I was wondering why they didn't work with the && the way I have them written. Thanks for pointing that obvious error out. That's a case of looking at it so long you no longer see it.

The reason I think the code is crap is because every time I come here to post a question or go to other websites (stackoverflow for example) people tear the code apart: tell me it's deprecated, direct me to PHP.net, I don't know how many times I've been told to delete all the PHP and just start from scratch, show me code that uses this-> and my_sqli, or any other number of things that state the code sucks. All of you guys know what you are doing. So, when I am told to use updated code or don't post at all, start from scratch, or when I am constantly being redirected to PHP.net to read up on things I have never heard of it's discouraging to say the least.

I have to tell you that I am very excited, enthusiastic, and amazed by web design and development. I want to learn it all. It's exciting and new to me. Yet, when I post anything I get the feeling I am not being taught anything that is used out in the real world.

This post has been edited by Dormilich: 25 March 2013 - 03:10 AM

Was This Post Helpful? 0
  • +
  • -

#12 andrewsw  Icon User is online

  • Fire giant boob nipple gun!
  • member icon

Reputation: 3473
  • View blog
  • Posts: 11,789
  • Joined: 12-December 12

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 24 March 2013 - 02:50 PM

You were previously using the mysql library, which is deprecated, so I would expect you to receive suggestions not to use this. You are now using the (recommended) PDO library and prepared statements.

StackOverflow is particularly.. zealous. If, rarely, I post a question there, I tend to ignore the first six responses, telling me what I've done wrong, and why I'm asking a silly question.

People answering questions are giving of their own free time and this site in particular encourages good practices, and teaches rather than providing unqualified answers. So, yes, you need a harder shell to get the best from a forum :) and to be willing to accept a little criticism/advice here and there.

You will continue to receive references to the PHP documentation; it is an excellent resource and should be the first place that you look (once you know the name of the function or feature that you may want to use); read the whole page, including the comments.

This post has been edited by andrewsw: 24 March 2013 - 02:52 PM

Was This Post Helpful? 0
  • +
  • -

#13 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 24 March 2013 - 03:20 PM

I believe stackoverflow is done with me and my code. I don't get responses at all anymore.

I want to learn good practices, proper structures, and the like and I feel like I am trying hard to do so. I have been reading through The PHP Easy Start Guide on this site and agree with the original poster JBrace1990 that PHP.net is cryptic and not very useful for beginners (esp when I don't have a clue as to what function I would use). I've had W3Schools bookmarked for some time now and go through it when I can. I've looked through the DIC tutorials. And numerous other sites and tutorials online. All of them are helpful in their own way, but none of them teach the style of script that I am being taught. And I am not good enough to take a code snippet from one site and put it inside of mine yet. Half the time I don't know where to put it.

I'm trying. I spend a lot of time looking over code. I know I should stop doing that and start coding to learn. I just need to learn the basics properly and be patient.

This post has been edited by Dormilich: 25 March 2013 - 03:11 AM

Was This Post Helpful? 0
  • +
  • -

#14 Atli  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 3719
  • View blog
  • Posts: 5,990
  • Joined: 08-June 10

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 24 March 2013 - 09:16 PM

View Posthugoriffic, on 24 March 2013 - 10:20 PM, said:

... I've had W3Schools bookmarked for some time now and go through it when I can...

I'd strongly recommend against that. They have a habit of posting poor info, and their code is mostly crap. (As far as I've seen, at least.) - Any PHP tutorial that fails to capture the return value of the mail() function, or blatantly ignores SQL Injection in their MySQL examples, should be deleted of the internet immediately!


As for your redirection question. Here is what I suggest:

Try is to store the HTTP_REFERER from the first load of the login page in the session. Then use that value to redirect the user back to that page when the login is over. - The problem is that the HTTP_REFERER header is set each time you are redirected to the page, which includes when the page redirects to itself, through things like form submits. There is a simple way to get around that though. Just compare the URI of the referer header to the URL of the current page, and if they match, don't update the session value. That'll make sure self-redirects won't overwrite the initial value. The logic would be something like:
IF the http_referer header is set:
    IF the URI of the current referer does NOT match the URI of the current page:
        save the current referer to the session.


Note that you can get the URI of the current page from the $_SERVER["REQUEST_URI"] element, and you can grab the URI of the HTTP referer by using the parse_url() function: parse_url($_SERVER["HTTP_REFERER"], PHP_URL_PATH).
Was This Post Helpful? 0
  • +
  • -

#15 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 27 March 2013 - 06:03 PM

Would the following code work?

Log in page:
<?php
session_start();

if(isset($_SESSION['url'])) {
   $url = $_SESSION['url'];
}
else {
   $url = "index.php";
}
header("Location: http://mysite.com/$url");
exit();


if (!isset($_SESSION['ValidLogIn'])){

//if username and password are empty display welcome message
if(empty($_POST['txtUserName']) &&  empty($_POST['txtPassword'])) 
		{
			showForm('Welcome');
        	exit();
		}

//validate text was entered in UserName text box
if(empty($_POST['txtUserName']) && isset($_POST['btnSubmit']))
        {
           showForm('Please Enter A User Name');
           exit();
        }
   else
		{
           $UserName = $_POST['txtUserName'];
        }

//validate text was entered in password text box
if(empty($_POST['txtPassword']) && isset($_POST['btnSubmit']))
       {
           showForm('Please Enter A Valid Password');
           exit();
       }
   else
       {
           $Password = $_POST['txtPassword'];
       }

$UserName = $_POST['txtUserName'];
$Password = $_POST['txtPassword'];

//validate username and password match
if($Password != Password($UserName) && isset($_POST['btnSubmit']))
       {
           showForm('User Name And Password Do Not Match!');
           exit();
       }
       }
function Password($UserName)
{
   //database login
   $dsn = 'mysql:XXX;dbname=XXX';
   $username='XXX';
   $password='XXX';
   //variable for errors
   $options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);
   //try to run code
   try {
   //object to open database
   $db = new PDO($dsn,$username,$password, $options);
   //check username against password
       $SQL = $db->prepare('SELECT * FROM user WHERE USER_NAME = :UserName and USER_PASSWORD = :Password');
	   $SQL->bindValue(':UserName', $UserName);
	   $SQL->bindValue(':Password', $Password);
	   $SQL->execute();
	   $username = $SQL->fetch();
			
			if($username === FALSE)
			{
				$Password = null;
				showForm('Invalid log in information.');
				exit();
			}
			if($username == TRUE){
				$Password = $username['USER_PASSWORD'];
				$_SESSION['ValidLogIn'] = $Password;
				}
         
       return $Password;
       $SQL->closeCursor();
       $db = null;
             
       } catch(PDOException $e){
           $error_message = $e->getMessage();
           echo("<p>Database Error: $error_message</p>");
           exit();
       }
       
}
function showForm($formMessage = "Welcome.")
{?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>WisCon Log In</title>
<link rel="stylesheet" href="styles/default-styles.css" type="text/css" />
<link rel="stylesheet" href="styles/FormStyle.css" type="text/css" />
<script type="text/javascript" src="js/validateLogInForm.js/validateLogInForm.js"></script>
</head>

<body id="logPage">
   <div id="wrapper">
       
       <?php include('includes/header.php'); ?>
       <?php include('includes/topNavigation.php'); ?>
     
       <div id="mainContent">
           <div class="formDiv">
               <form name="registerForm" id="registerForm" action="" method="post">
                <?php if ($formMessage !="") echo "<h2 style=\"color:#FF0000; text-align: center\">".$formMessage."</h2>"; ?>
                   <h1 style="color:#FF530D; text-align: center">Log into your account here!</h1>
             
                   <fieldset id="security">
                       <legend>Security</legend>
                       <label for="txtUserName" class="boxLabel">User Name:</label>
                       <input type="text" id="txtUserName" name="txtUserName" autofocus="autofocus" required="required" />
                       <script type="text/javascript">
                           if(!("autofocus" in document.createElement("input")))
                           {
                               setTimeout(function(){
                                   document.getElementById("txtUserName").focus();
                               }, 10);
                             
                           }
                           </script>
                       <label for="txtPassword" class="boxLabel">Password:</label>
                       <input type="password" id="txtPassword" name="txtPassword" required="required" />
                   </fieldset>
                 
                   <fieldset id="submission">
                       <div id="buttons">
                           <input type="submit" id="btnSubmit" name="btnSubmit" value="Submit" onclick="return validateLogInForm()"/>
                           <input type="reset" id="btnReset" name="btnReset" >
                       </div><!--end buttons-->
                   </fieldset>
</p>
               </form>
           </div><!--end div class=formDiv-->
       </div><!--end div id=mainContent-->
               
       <?php include('includes/footer.php'); ?>
             
   </div><!--end div id=wrapper-->
</body>
</html>
<?php
}
?>


And then on the top of every other page put this:
<?php
session_start(); 
$_SESSION['url'] = $_SERVER['REQUEST_URI'];




If this is not right could someone explain how I am misusing this?
Also, if it is right what would I do about what is on lines 80 - 83 on the logIn page? Or is that correct? To me this seems to be completely incorrect. I feel the session variable should be set on line 54. Right after the username and password validation check.
And, would I still keep the "if (!isset($_SESSION['ValidLogIn'])){" within the logIn page or would I need to change that??

The reason this is most confusing is because the header information is contained within it's own .php page and an include statement is on every other page. I'm not sure if this messes anything up or if this doesn't affect a thing.

Also, I want to thank everyone who has helped me out with this so far. I appreciate the time and help you've put in and I believe I am learning a bit each time I re-read my postings. At least, it feels like I am.

This post has been edited by hugoriffic: 28 March 2013 - 04:14 AM

Was This Post Helpful? 0
  • +
  • -

  • (2 Pages)
  • +
  • 1
  • 2