Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    New Coder
    Join Date
    Jul 2007
    Posts
    61
    Thanks
    10
    Thanked 0 Times in 0 Posts

    session protecting webpages

    Hi,

    I am working on my website, where a few pages for the member's area are protected by user login via sessions.

    i.e.if the user tries to access a particular member's page without logging in, the user should be forwarded to the login page where the user has to enter the username/password. This members2.php. The form on members2.php has a form which sends the username/password to a login check script login-exec.php

    This is working fine, however, once after being forwarded to the logging in page, and after entering the right credentials, the user is forwarded to only a page called membersloggedin.php.


    What I want to be able to do is make login-exec.php remember which page the user earlier clicked to forward him/her to the page that he clicked once the authentication is verified.


    How can this be done ?

    Code:
    //Check whether the query was successful or not
    	if($result) {
    		if(mysql_num_rows($result)>0) {
    			//Login Successful
    			session_regenerate_id();
    			$member=mysql_fetch_assoc($result);
    			$_SESSION['SESS_MEMBER_ID']=$member['uname'];
    			$_SESSION['SESS_MEMNO']=$member['umembno'];
    			$_SESSION['SESS_MEMPASS']=$member['upass'];
    			$_SESSION['SESS_ULOGIN']=$member['ulogin'];
    			$_SESSION['SESS_UDUPER']=$member['uduper'];
    			session_write_close();
    			
    			header("location: membersloggedin.php");
    			
    			exit();
    		}else {
    			//Login failed
    			header("location: members2.php");


    How the can the header be changed on this page to remember the page the user clicked on the member's area and take him/her to the page that he/she clicked and not to membersloggedin.php everytime after a successful login.

    Any suggestions would be helpful.

    Thanks..

  • #2
    Regular Coder mlse's Avatar
    Join Date
    Mar 2005
    Posts
    624
    Thanks
    20
    Thanked 19 Times in 18 Posts
    You could buffer the script filename and arguments in a session variable (it sounds to me like you need to write a state-machine).
    Last edited by mlse; 01-11-2008 at 12:13 PM.

  • #3
    New Coder
    Join Date
    Jul 2007
    Posts
    61
    Thanks
    10
    Thanked 0 Times in 0 Posts
    I am pretty new to PHP, so, I dont follow you here. WHat exactly needs to be done ?

    Thanks..

  • #4
    Regular Coder mlse's Avatar
    Join Date
    Mar 2005
    Posts
    624
    Thanks
    20
    Thanked 19 Times in 18 Posts
    Ok,

    Let's say that the script you're starting with is mypage.php. So within mypage.php, you would have somewhere, something like:

    PHP Code:
    $_SESSION["remembered-page"] = $_SERVER[HTTP_REFERER];  //Note that you can work this out server-side too - more robust that way.
    $_SESSION["remembered-args"] = $_POST;  //Or however you are passing the args to the page - this is just an example. 
    Then, once the member has sucessfully logged in, you would have something like:

    PHP Code:
    header("location:".$_SESSION["remembered-page"]);  //Remember that you'll need to make use of $_SESSION["remembered-args"] when you-revisit the remembered page. 
    Clearly there's a a lot more to it than that, but that is the general conceptual principle.

    I mentioned the state-machine is because it is relevant to the concept:

    a state machine is a model of behavior composed of a finite number of states, transitions between those states, and actions.
    -- from wikipedia: http://en.wikipedia.org/wiki/Finite_state_machine
    Last edited by mlse; 01-11-2008 at 01:09 PM.

  • #5
    New to the CF scene
    Join Date
    Jan 2008
    Posts
    9
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Its really not that complicated. You store the page you want to go back to in a session variable before you redirect to the login page. You should also store the post variables in the session too. Then when they login, redirect to the page you stored. And when you get back to the page, copy the the post variables you stored in the session into the post superglobal.
    Last edited by Death_oClock; 01-12-2008 at 04:11 AM.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •