How do you pass in a redirect URL into a mod_rewritten page

views:

197

answers:

How do you pass in a redirect URL into a mod_rewritten page

I mod_rewrite my pages very similar to how SO does it. I have www.example.com/users/login/ which will internally use users.login.php which acts as a controller. I want to pass in a parameter as a page to redirect to once the login is complete.

If you pass in a relative URL you end up with a very peculiar looking URL because you are passing in something like questions/ which looks like users/login/questions/ instead of login.php?redir=questions.php

Does anyone have any comments or solutions for how this can be worked out nicely without polluting the URL horribly? I think the way SO handled it was to put the login form ON the "Ask Question" page. I suppose that is a solution but I'm looking for other possibilities.

Edit: It seems like using $_SERVER['HTTP_REFERER'] is the best solution so far. Is there any reason not to use it? I realize you can fake the referer but will that actually cause any damages?

+3 A:

I use hidden field in the login form that contains the url and it works for me. you can try that too.

create hidden input field.
set the value of the input field to $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
get posted url and redirect user to that url.

Note: HTTP_REFERER is not always set.

Mohamed 2009-01-27 18:10:08

That doesn't really solve my problem though. How am I going to get that data to the login page?

Joe Philllips 2009-01-27 18:20:41

You have one default value and otherwise add data in the page that sends the user to login page.

Joe Soul-bringer 2009-01-27 18:45:38

Who says I have a form in the first place?

Joe Philllips 2009-01-27 18:55:49

you have not told us too how you get a user's username and password. are you using ldap or openid to authenticate user?

Mohamed 2009-01-27 19:08:50

It doesn't matter. I could have a blank login.php and it wouldn't matter. That doesn't solve the problem of how I get the information INTO that page from another page.

Joe Philllips 2009-01-27 19:10:26

I'll try rewriting the question better so it's clearer.

Joe Philllips 2009-01-27 19:12:13

I see what you mean now. I can use the referer and put that into a hidden field. Then the hidden field goes to the POST output when login.php is posted back to. Then I can redirect from that.

Joe Philllips 2009-01-27 19:56:09

You can have the answer if you re-explain the answer more clearly.

Joe Philllips 2009-01-27 19:57:20

Now we're on the same page.

Joe Philllips 2009-01-28 18:06:10

Why don’t you use a URL like /users/login/?r=/questions/? Or if you don’t want to use the URL to take the return address along, you could use the HTTP referrer.

Gumbo 2009-01-27 18:29:01

Ah, referrer might work.

Joe Philllips 2009-01-27 18:29:56

Or you use a cookie or JavaScript and abuse the window.name property to store the location.

Gumbo 2009-01-27 18:32:00

+1 A:

Best practice for storing a previous page visted is to use the $_SESSION global. Using HTTP_REFERER for anything besides statistics is asking for user abuse since you can easily fake a referer.

Check out this link about storing multiple session IDs in a cookie. http://bytes.com/groups/php/7630-handling-multiple-sessions

gradbot 2009-01-27 18:47:01

There is potential for there to be 2 windows open which would mess up the session method

Joe Philllips 2009-01-27 19:13:38

I realize it was a small answer but you can store multiple session ids in a cookie. Check out this link. http://bytes.com/groups/php/7630-handling-multiple-sessions

gradbot 2009-01-27 19:45:53

That opens up a whole can of worms. 2nd best answer tho.. +1

Joe Philllips 2009-01-27 19:58:15

ansaurus

tags:

views:

answers:

How do you pass in a redirect URL into a mod_rewritten page

related questions