Redirecting to previous page after login using HTTP_REFERER

  • (2 Pages)
  • +
  • 1
  • 2

26 Replies - 1430 Views - Last Post: 04 April 2013 - 08:57 AM Rate Topic: -----

#16 JackOfAllTrades  Icon User is offline

  • Saucy!
  • member icon

Reputation: 6058
  • View blog
  • Posts: 23,496
  • Joined: 23-August 08

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 28 March 2013 - 02:54 AM

As soon as you issue a header with Location: you must exit the current page or the remaining code on the page will execute. You're telling the browser to go immediately to the location in the header, but the script will continue running if you don't exit.

This is covered in the manual.
Was This Post Helpful? 0
  • +
  • -

#17 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 28 March 2013 - 03:40 AM

JackOfAllTrades,
Thanks for pointing that out. I knew I needed to exit but simply forgot to add the code when posting. Added the exit statement. Now, something about that doesn't look right. Shouldn't the header and exit be within the if statement? Sitting outside it like it is looks wrong.
Other than that would this code work? Am I headed in the right direction?

Lastly, I changed the page_on and previouspage to "url". Every example of this code I have run across uses the "url" and does not list an actual web address.

Well, I tried the code and it did not work. I tried it with "url" and by putting the actual web address in the places I believed they should go. Neither method worked.
I believe it is in my best interest to drop the class. I will not be able to pass if I cannot get this code to work.. Rather than getting a failing grade I would rather get a withdrawl.

This post has been edited by hugoriffic: 28 March 2013 - 05:01 AM

Was This Post Helpful? 0
  • +
  • -

#18 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 28 March 2013 - 10:31 AM

Is my If statement that checks for user input screwing me up here? Should I remove that code? I know that for most of you this is an obviously simple remedy but I can't figure out WHERE to put the code. I get the code. I understand the code. I just do not know where to put it.
Should it be written like this (although I don't know what to put on line 56):
<?php
session_start();

if(isset($_SESSION['www.example.com'])) 
     {
	 $url = $_SESSION['logIn.php'];
     }
else 
     {
	 $url = "index.php";
     }
	
header("Location: http://example.com/$url");
exit();
	 

//if username and password are empty display welcome message
if(empty($_POST['txtUserName']) &&  empty($_POST['txtPassword']))
     {
          showForm('Welcome');
	  exit();
     }	 
	
//validate text was entered in UserName text box
if(empty($_POST['txtUserName']) && isset($_POST['btnSubmit']))
     {
	    showForm('Please Enter A User Name');
	    exit();
     }
else
     {
	    $UserName = $_POST['txtUserName'];
     }
	 
//validate text was entered in password text box
if(empty($_POST['txtPassword']) && isset($_POST['btnSubmit']))
     {
	     showForm('Please Enter A Valid Password');
	     exit();
     }
else
     {
	     $Password = $_POST['txtPassword'];
     }
	 
	$UserName = $_POST['txtUserName'];
	$Password = $_POST['txtPassword'];
	 
//validate username and password match
if($Password != Password($UserName) && isset($_POST['btnSubmit']))
     {
	      showForm('User Name And Password Do Not Match!');
	      exit();
     }

$_SESSION['ValidateUser'] = $UserName;



Also lines 80 - 84 I know something is wrong with those but I can't figure that out either. Should those lines read:
if($username) === false)
{
     $password = null;
     exit();
}
else{
     $password = $username['USER_PASSWORD];
     include 'index.php';
}



I'm trying very hard to make sense of all this and I cannot tell if I am getting any closer or not. I'm looking for some guidance or mentoring. I'm not looking for anyone to write the code for me. I am looking for someone to walk me through how the logic should be presented though.
Was This Post Helpful? 0
  • +
  • -

#19 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 28 March 2013 - 12:04 PM

OK, I have scoured the internet and I know that I am very close to getting this.
I believe from my last post the very last line of code (56) needs to be something like this:
$_SESSION['logIn.php'] = $UserName;


This is setting up the session variable with the name logIn.php. That is what I want to set up on the logIn page. The value contained is $UserName which is a valid check in. Am I right?

Now the next part is to check to see if the session variable has been set, and if it has, then redirect them back to the page they were on before logIn.php. So should it be written like this??
<?php
session_start();

if(isset($_SESSION['logIn.php']))
	     {
	     $url = $_SESSION['pagename.php'];
	     }
	else
	     {
	     $url = "index.php";
	     }
	     
header("Location: http://example.com/$url");
exit();

The only thing is I do not know what to put in where I have the pagename.

Also, on every other page this code needs to be in place at the top of the page:
<?php
session_start();
$_SESSION['pagename.php'] = $_SERVER['REQUEST_URI'];


Once again, not sure what to put in where I have pagename.

Would the pagename.php be this: www.example.com/pagename..php ?? That way each page would have a different pagename.php and isn't that the URI?
Was This Post Helpful? 0
  • +
  • -

#20 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 03 April 2013 - 03:57 PM

Here is my last attempt to get help with this assignment as it is due in about 18 hours and I still cannot get it to work. Here is my latest code. Could someone please help me out with this? I really am struggling and nowhere is any help available but here. I have not asked anyone to write the code for me so all I want is a tutorial or someone to guide me through the logic. I'm at the end of my rope here and seriously need advice and help.

logIn.php:
<?php
session_start();

if(isset($_SESSION['UserName'])) {
   $url = $_SESSION['logIn.php'];
}
else {
   $url = "index.php";
}

if (!isset($_SESSION['UserName'])){

//if username and password are empty display welcome message
if(empty($_POST['txtUserName']) &&  empty($_POST['txtPassword'])) 
		{
			showForm('Welcome to Wiscon');
        	exit();
		}

//validate text was entered in UserName text box
if(empty($_POST['txtUserName']) && isset($_POST['btnSubmit']))
        {
           showForm('Please Enter A User Name');
           exit();
        }
   else
		{
           $UserName = $_POST['txtUserName'];
        }

//validate text was entered in password text box
if(empty($_POST['txtPassword']) && isset($_POST['btnSubmit']))
       {
           showForm('Please Enter A Valid Password');
           exit();
       }
   else
       {
           $Password = $_POST['txtPassword'];
       }

$UserName = $_POST['txtUserName'];
$Password = $_POST['txtPassword'];

//validate username and password match
if($Password != Password($UserName) && isset($_POST['btnSubmit']))
       {
           showForm('User Name And Password Do Not Match!');
           exit();
       }
       }
function Password($UserName)
{
   //database login
   $dsn = 'mysql:host=itsql.fvtc.edu;dbname=teamc';
   $username='teamc';
   $password='teamc';
   //variable for errors
   $options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);
   //try to run code
   try {
   //object to open database
   $db = new PDO($dsn,$username,$password, $options);
   //check username against password
       $SQL = $db->prepare('SELECT * FROM user WHERE USER_NAME = :UserName and USER_PASSWORD = :Password');
	   $SQL->bindValue(':UserName', $UserName);
	   $SQL->bindValue(':Password', $Password);
	   $SQL->execute();
	   $username = $SQL->fetch();
			
			if($username === FALSE)
			{
				$Password = null;
				showForm('Invalid log in information.');
				exit();
			}
		if($username == TRUE)
                {
                     $_SESSION['UserName'] = $username['USER_NAME']; 
                     header("Location: http://itweb.fvtc.edu.com".$url");
                     exit();	
                }
         
       return $Password;
       $SQL->closeCursor();
       $db = null;
             
       } catch(PDOException $e){
           $error_message = $e->getMessage();
           echo("<p>Database Error: $error_message</p>");
           exit();
       }
       
}




Code at the top of every page to grab the URI
<?php
session_start(); 
$_SESSION['itweb.fvtc.edu'] = $_SERVER['REQUEST_URI'];




And the header.php page where all the changes are to take place if a valid log in was achieved.
<php
session_start();
	
//Check to see if user is logged in. If session does not exist, serve header without personal greeting. If session does exist, serve second header
	
if(isset($_SESSION['UserName'])){
	$UserName = $_SESSION['UserName'];
}
if (isset($_SESSION['UserName'])){?>{
	<div id="header">
	<div id="headerTop">
		<div id="greeting">
	             <p>Welcome <?=$UserName;?>!</p>		
		</div><!--end div id=greeting-->
		     <ul id="logIn">
			<li><a href="logOut.php">Log-Out</a></li>
			<li><a href="registerResponse.php">My Profile</a></li>
		     </ul>
	</div><!--end div id=headerTop-->
		
	<div id="headerBottom">
	<div id="logo">
		            	
	</div><!--end div id=logo--> 
	<div id="keyboard">
				
	</div><!--end div id="keyboard"-->
	</div><!--end div id=headerBottom-->          
	</div><!--end div id=header-->
	<?php
}
else {?>
<div id="header">
	<div id="headerTop">
	<div id="greeting">
	            		
	</div><!--end div id=greeting-->
		     <ul id="logIn">
			  <li><a href="logIn.php">Log-In</a></li>
			  <li><a href="registerResponse.php">Register</a></li>
		     </ul>
	</div><!--end div id=headerTop-->
		
	<div id="headerBottom">
	<div id="logo">
		            	
	</div><!--end div id=logo--> 
	<div id="keyboard">
				
	</div><!--end div id="keyboard"-->
	</div><!--end div id=headerBottom-->          
	</div><!--end div id=header-->
	<?php
	}
?>


Was This Post Helpful? 0
  • +
  • -

#21 laytonsdad  Icon User is offline

  • Cheese and Sprinkles
  • member icon

Reputation: 436
  • View blog
  • Posts: 1,852
  • Joined: 30-April 10

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 03 April 2013 - 04:04 PM

Errors?

Quote

if (isset($_SESSION['UserName'])){?>{

else {?>


Do you see anything wrong here?

This post has been edited by laytonsdad: 03 April 2013 - 04:05 PM

Was This Post Helpful? 0
  • +
  • -

#22 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 03 April 2013 - 04:10 PM

There should be no {?> in the if line.
Was This Post Helpful? 0
  • +
  • -

#23 laytonsdad  Icon User is offline

  • Cheese and Sprinkles
  • member icon

Reputation: 436
  • View blog
  • Posts: 1,852
  • Joined: 30-April 10

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 03 April 2013 - 04:25 PM

oops sorry your beginning PHP tag on header.php is missing a ?

see -> <php

This post has been edited by laytonsdad: 03 April 2013 - 04:27 PM

Was This Post Helpful? 0
  • +
  • -

#24 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 03 April 2013 - 04:27 PM

Thanks. I'll fix that.
Was This Post Helpful? 0
  • +
  • -

#25 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 03 April 2013 - 04:59 PM

Any other observations or helpful advice??
Was This Post Helpful? 0
  • +
  • -

#26 laytonsdad  Icon User is offline

  • Cheese and Sprinkles
  • member icon

Reputation: 436
  • View blog
  • Posts: 1,852
  • Joined: 30-April 10

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 03 April 2013 - 05:57 PM

Do you have a direct question? Errors?

This post has been edited by Dormilich: 03 April 2013 - 10:37 PM

Was This Post Helpful? 0
  • +
  • -

#27 hugoriffic  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 185
  • Joined: 16-September 09

Re: Redirecting to previous page after login using HTTP_REFERER

Posted 04 April 2013 - 08:57 AM

I finally figured everything out. I don't know how I couldn't see the issues I was creating for myself (maybe a case of looking at the code so long you no longer see it) but I resolved them.
I sat down and wrote out exactly what I wanted to do and in what order. Then I cleared all of my previous code and started fresh using the step by step process I had written out. Working through the logic this way made everything easier to code.
Here is the code I came up with for my logIn.php page:
<?php
session_start();
$validate_error = ''; 

// check where the user needs to be redirected to after successful login
$url = !empty($_SESSION['itweb.fvtc.edu']) ? $_SESSION['itweb.fvtc.edu'] : "index.php";

if(!empty($_SESSION['UserName']))
{
	 header("Location: $url"); 
	 exit();
}
elseif(isset($_POST['btnSubmit']) AND !isset($_SESSION['UserName'])) 
{
	if(empty($_POST['txtUserName'])) 
	{
		$validate_error = 'Please Enter A User Name';
		
	}else if(empty($_POST['txtPassword'])) 
	{
		$validate_error = 'Please Enter A Valid Password';
		
	}elseif(empty($validate_error)) 
	{
		$UserName = trim($_POST['txtUserName']);
		$Password = $_POST['txtPassword'];
		
		if($Password != Password($UserName, $Password, $url)) 
        {
           showForm('User Name And Password Do Not Match!');
           exit();
       }
	}else
	{
		showForm($validate_error); 
        exit();
	}
}else 
{
	 showForm('Welcome');
     exit();
}

function Password($LoginUserName, $LoginPassword, $url='index.php')
{
   //database login
   $dsn = 'mysql:host=XXX;dbname=XXX';
   $username='XXX';
   $password='XXX';
   //variable for errors
   $options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);
   //try to run code
   try {
   //object to open database
   $db = new PDO($dsn,$username,$password, $options);
   //check username against password
       $SQL = $db->prepare('SELECT * FROM user WHERE USER_NAME = :UserName and USER_PASSWORD = :Password');
	   $SQL->bindValue(':UserName', $LoginUserName);
	   $SQL->bindValue(':Password', $LoginPassword);
	   $SQL->execute();
	   $username = $SQL->fetch();
			
		if($username === FALSE)
		{
			$LoginPassword = NULL;
			showForm('Invalid log in information.');
			exit();
		}
		if($username == TRUE)
         {
			 $_SESSION['UserName'] = $username['USER_NAME']; 
			 header("Location: $url");
			 exit();	
       }
         
       return $LoginPassword;
       $SQL->closeCursor();
       $db = null;
             
       } catch(PDOException $e){
           $error_message = $e->getMessage();
           echo("<p>Database Error: $error_message</p>");
           exit();
       }
       
}



I'm pretty sure from there you can figure out what I put on the top of every other page. So absolutely frustrated with myself for not writing the logic out on paper before attempting to code. It makes it so much easier when you can see what you want to do and in what order.
Was This Post Helpful? 0
  • +
  • -

  • (2 Pages)
  • +
  • 1
  • 2