Send header to "redirect" entire window?

Question

So in my php authentication library, if someone is not logged in, they are redirected to the home page:

redirect('home/index');

The problem is that I have some modal windows that load content through ajax. If a user somehow is logged out (but still on a page where they're "logged in") then the modal shows the login page since the modal was "redirected" to the home page.

This problem can occur if the user hasn't done anything for a long time (and is logged out), or if they have multiple tabs open and sign out on one of them but on the other try to open a modal popup.

Is there a way to redirect the whole window?

Answer 1

Well, if you send HTML into the modal dialog and you don't want to change that, you can always check if the login form is in the response. If the form is there, redirect the whole window. Let's say your login form id in "login_form", your ajax callback would look something like this:

function(data){
    if($(data).find("#login_form").length>0)
        location.href="/login_url"
    else{
        //handle the ajax response
    }
}

Answer 2

A simple solution could be to include a hidden-tag or another kind of flag into the Ajax-result in order to find out if the user is still "logged-in". If he is not then do something like window.location.href="myserver.com/home/"; in the callback function of the Ajax-request.

Answer 3

The application that I work on now did the same thing in the past - the solution: If it's a function called by ajax and if they're logged out, just echo a simple "logout" and check for it on the javascript ajax return and use the location.href property to redirect the user.

Answer 4

You can always redirect the whole window using the header function, redirecting the user to whatever page you so desire.

<?php header('Location: myserver.com/home/'); ?>

Answer 5

Another approach could be to have your authorizator react differently to your xmlhttprequest ... by analizing the $_SERVER['HTTP_X_REQUESTED_WITH'] variable. If you can conclude that the request is sent by a "XMLHttpRequest" you could display a login form in the modal without doing the redirect. This way the user isn't redirected to another page to again log in but he can log in right from the dialog he opened and continue where he left off.

This ofcourse requires some clientside modifications in your script to handle the loginform submit ect ... but is the most elegant solution in terms of usability.

Answer 6

two solutions:

1) set a javascript functions on the main page the every x seconds check the cookie, if does not exist, redirect the entire page

location.href="login.php"

2) in the page loaded with ajax, set a javascript code to redirect, you cannot do it with PHP as the script cannot know the context, is just a pre-processin of the result of the request. Javascript code that can be printed out with PHP anywhere (body included)

  if (notLogged){
      window.redirect='login.php';
    }

Answer 7

Using Session before the opening of the modal. On every next click or submit there should be a session check and it will be redirected.