views:

1464

answers:

4

Example:

  1. User is not logged in
  2. User has items in their shopping cart
  3. User goes to /checkout
  4. User is redirected to the /login page
  5. User logs in successfully and should be redirected back to the /checkout page

How does the login action know to redirect the user to checkout in this case? I want this to work in many different situations not just /checkout.

+3  A: 

Would a query string parameter in the login page be enough?

eg: www.example.com/Login.php?returnUrl=[someUrl]

After the authentication is successful, the user would get redirected to the url specified in the query string.

...

Edit: This is a general solution, it many not be an option given the framework you are using. But something to consider.

Amir
Thanks for the solution, but I would prefer for it to not be part of the url as a query string, just for maintenance and cleanliness...
If you don't want it to be part of the url then you need to store it in the session. POST would also be possible, but I wouldn't recommend it.
André Hoffmann
yes, storing it in the session/post would be an alternative approach that would also work.
Amir
It seems like stackoverflow uses this same method for their login to upvote/downvote
A: 

I posted a bit of the code from my "My_Form" class that has "referrer" tracking built in to the form on SO1249274. The other solutions posted there may help you solve your problem as well.

gnarf
I unfortunately find that HTTP_REFERER is always blank for me?
I've never had any problem relying on HTTP_REFERER, perhaps there is a server configuration issue?
gnarf
A: 

I've done where we redirect to /login with a simple parameter of 'comeback'. Login sees the parameter, and checks the referer to see that its one of our pages. If it is, it redirects back to that referer. Works really well. Otherwise, one can put the 'destination' of the redirect-after-login in a different parameter (wether it be a querystring or session or flashmessage)

Justin
I like the idea of using flash messages, thanks!
A: 

I use session variable to keep the requested URL. When he logs in successfully i do check if this session variable is set. If it is set, i do redirection to requested URL.