php code to redirect to page from where login requested

Question

4.00/5 (1 vote)

See more:

I am using some code to redirect to the page from where login is requested.
But the code is not working at all.

please help.
login.php:

XML

<?php

// Inialize session
session_start();

// Check, if user is already login, then jump to secured page
if (isset($_SESSION['username'])) {
header('Location: '.$_REQUEST['from']);

}

?>
<html>

<head>
<title>Kanu Bhawan - Member Login</title>
</head>

<body>

<h3>User Login</h3>

<table border="0">
<form method="GET" action="loginproc.php">
<tr><td>Username</td><td>:</td><td><input type="text" name="email" size="20"></td></tr>
<tr><td>Password</td><td>:</td><td><input type="password" name="password" size="20"></td></tr>
<tr><td>&nbsp;</td><td>&nbsp;</td><td><input type="submit" value="Login"></td></tr>
<input type="hidden"  name="id">
</form>
</table>

</body>

</html>

?>

loginproc.php

PHP

<?php

session_start();
require "config.php"; 
$login = mysql_query("SELECT * FROM members WHERE (email = '" . mysql_real_escape_string($_POST['email']) . "') and (password = '" . mysql_real_escape_string(md5($_POST['password'])) . "')");

// Check username and password match
if (mysql_num_rows($login) == 1) {
// Set username session variable
$_SESSION['username'] = $_POST['email'];
// Jump to secured page
header('Location: '.$_GET['from']);

}
else {
// Jump to login page
header('Location: login.php');
}

?>

fullprofile.php

PHP

<?php

// Inialize session
session_start();

// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['username'])) {
header('Location: login.php?from='.rawurlencode($_SERVER['REQUEST_URI'])); 
}

?>
<html>

<head>
<title>Secured Page</title>
</head>

<body>

<p>This is secured page with session: <?php echo $_SESSION['username']; ?>
<br>You can put your restricted information here.</p>
<p><a href="logout.php">Logout</a></p>

</body>

</html>

please help

Posted 21-Sep-12 10:48am

Sourav Sarkar-SS

Updated 21-Sep-12 11:34am

v3

Add a Solution

Comments

Er. Tushar Srivastava 21-Sep-12 16:56pm

are you posting the address of the url from where you have come to this (current page ie login page)... inside the form through some hidden links ?

Er. Tushar Srivastava 21-Sep-12 16:57pm

Since if it is the case, then you must have to check what you are posting, since otherwise this code is correct...

[no name] 21-Sep-12 16:59pm

the second lase line means
header('Location: '.$_POST['from']);
$_POST['from'] contains nothing

[no name] 21-Sep-12 16:58pm

no hidden links
all the code is given.
please refer this.

Er. Tushar Srivastava 21-Sep-12 16:58pm

And as I have just seen, you are actually sending the 'from' into the url, in that case the $_POST['from'] will not work at all, use $_REQUEST['from'] or $_GET['from'] :-)

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Tadit Dash (ତଡିତ୍ କୁମାର ଦାଶ) · Answer 1 · 2012-09-21T11:01:00

Solution 1

You may find codes from the following links...
1. Back to previous page with header( “Location: ” ); in PHP[^]
2. redirect to page.[^]
3. Redirecting to the requested page after login[^]

Posted 21-Sep-12 11:01am

Tadit Dash (ତଡିତ୍ କୁମାର ଦାଶ)

Updated 21-Sep-12 11:02am

v3

Comments

[no name] 21-Sep-12 17:11pm

You didn't read the question
worthless links.
sorry for down vote.

Tadit Dash (ତଡିତ୍ କୁମାର ଦାଶ) 21-Sep-12 17:16pm

Oh ok...
I am sorry for this...
I thought of the requirement and searched for you.
Can't you implement the things discussed in the links or do u have completely different requirement ?

[no name] 21-Sep-12 17:27pm

I have completely different requirement.

[no name] 21-Sep-12 17:36pm

now you can help me.
I post all the code i have used.

Er. Tushar Srivastava · Answer 2 · 2012-09-21T11:03:00

Solution 2

Hi Friend,
Use this :

PHP

header('Location: '.$_REQUEST['from']);

It will work as the data 'from' is not posted but is sent into the url and is known as get method so better to keep yourself on safe side, use, $_REQUEST, yet you can also use $_GET

UPDATE 2:
I have found a problem, See the code inside login.php :

PHP

<form method="get" action="loginproc.php">
Username :<input type="Text" name="username" />
Password :<input type="password" name="password" />
<input type="hidden" name="from" value=<?php echo $_REQUEST['from']; ?>>
<input type="submit" value="Login">
</form>

As you can See I have added an extra hidden field which is posting the address of redirection alongwith the form so, now the error will not occur.

Also, you need a code revision, as this code is not very well implemented and I will suggest you to implement it correctly. You can use some data flowchart kind of diagram to see how the request will flow between the pages when a login event occurs, so that a user never fall into a loop wherein the browser says, "The Browser is redirecting in a way that it will never complete" So, better have a visual look of how the request flows between all the pages, it will become very easy then to handle such situations :-)

Hope it helped,
Regards
Tushar Srivastava

Posted 21-Sep-12 11:03am

Er. Tushar Srivastava

Updated 22-Sep-12 4:17am

v3

Comments

[no name] 21-Sep-12 17:13pm

error:

The page isn't redirecting properly
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

Er. Tushar Srivastava 21-Sep-12 17:15pm

Ok.... Let me think for a while, since there is possible error in sending the address... Can you please post a snippet of code that you have just edited..

[no name] 21-Sep-12 17:17pm

from=/xampp/shadi/fullprofile.php?id=3
this is the quesrystring, which is sending
can we change it to only
fullprofile.php?id=3

instead of using
from='.$_SERVER['REQUEST_URI']);

Er. Tushar Srivastava 21-Sep-12 17:21pm

That will work possibly.. by the way, are you saving this project under C://xampp/htdocs/xampp/shadi/ ?
Please tell me this :-)

[no name] 21-Sep-12 17:26pm

yes

Er. Tushar Srivastava 21-Sep-12 17:28pm

Ok... then the generated url is correct, ok try to just use fullprofile.php?id=3 and test, it will work 101%

[no name] 21-Sep-12 17:31pm

how to get the url?

Er. Tushar Srivastava 21-Sep-12 17:36pm

Well the best method to get the url is, the same method you are using, but remove the encodeurl and test again, actually, I am also testing what makes your code not run, but till now I have not found any fault..

[no name] 21-Sep-12 17:35pm

I change the question and post all the code I used
please refer.

Er. Tushar Srivastava 21-Sep-12 17:42pm

My friend, all the code is correct, and actually I ran the same same code on my system, and it is working fine that too in firefox :)

[no name] 21-Sep-12 17:46pm

????????????????
then where i am facing problem
and why?

Er. Tushar Srivastava 21-Sep-12 17:53pm

Actually , your code didn't answered me one thing, where is the entry point... Is it the fullprofile.php since it is the only point I can see.. and seriously, I have tested your codes they are working perfectly on my system.. I copy pasted the codes and ran them.. I have IIS Server with PHP installed and I also have Xampp

Er. Tushar Srivastava 21-Sep-12 18:13pm

I have updated the answer...