0
How do I redirect the user to the page they were browsing after the user logged in? I’ve seen solutions using $_SERVER['HTTP_REFERER'];, but I think it’s not a good idea, could help me with some example of code ?
Grateful
0
How do I redirect the user to the page they were browsing after the user logged in? I’ve seen solutions using $_SERVER['HTTP_REFERER'];, but I think it’s not a good idea, could help me with some example of code ?
Grateful
2
Implement URL storage in your process. Example:
to do this URL storage there is another option to: $_SERVER['HTTP_REFERER']; ?
@Felipelimadiniz HTTP_REFERER
is a server variable. The suggestion is to implement client-side.
1
With the $_SERVER['HTTP_REFERER']
, you will get the referrer
which was defined by the sent header, this is unreliable, but may reasonably believe in it for that purpose. You can also use a parameter in the URL to indicate which page is next.
One method used in both cases is to use the ?pagina=
, for example Twitter, Instagram, Facebook:
twitter.com/login?redirect_after_login=%2FInkeliz
instagram.com/accounts/login/?next=%2FInkeliz
facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2FInkeliz
This indicates that after login it will go where the parameter indicates.
That way you can have a buttock, <div class="fazerLogin">LOGIN</div>
and use it to always add the parameter, for example:
$('.fazerLogin').attr('href',
'https://exemplo.com/login?next=' + encodeURIComponent($(location).attr('href'))
);
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>
<a class="fazerLogin" href="https://exemplo.com/login">LOGIN</a>
Place your mouse to "LOGIN" to see the new URL path.
So in PHP do the following:
Get the parameter next
.
Check the next
is valid, matches your domain.
Redirect the user.
For example:
// Define um URL padrão se não houver um válido
function linkEncaminhar($nomeParametro){
$url = 'https://exemplo.com/perfil';
if(isLinkValido($nomeParametro) === true){
$url = urldecode($_GET[$nomeParametro]);
}
return $url;
}
// Verifica se o URL é válido
function isLinkValido($nomeParametro){
$meuDominio = 'https://exemplo.com/';
return isset($_GET[$nomeParametro]) &&
is_string($_GET[$nomeParametro]) &&
substr( urldecode($_GET[$nomeParametro]) , 0, strlen($meuDominio)) === $meuDominio;
}
Thus:
$urlRedicionar = linkEncaminhar('next');
header('Location: ' . $urlRedicionar);
That way if the https://exemplo.com/login?next=https%3A%2F%2Fexemplo.com%2Fsobre-nos
is accessed after the login will go to https://exemplo.com/sobre-nos
.
/!\ CARING:
If there is a link of type
https://exemplo.com/configuracao?excluir_conta=true
without any kind of CSRF-Token, a person can make ahttps://exemplo.com/login?next=https://exemplo.com/configuracao?excluir_conta=true
, then after the person connects and will be redirected to such URL, which will delete the account, in this hypothetical situation!
There is such a problem on a state site "very famous"...
0
Can use header('location:pagina.ext');
Thanks for the help! Have some example code ?
Poxa champion, the example usually comes from an initial code of the AP, in the link of the duplicate has...
The header only contains the resource’s URI. Parameters such as querystrings and states (#ancora
) are ignored.
I didn’t understand man... Actually I understood, but what is the relationship with my answer ?
Browser other questions tagged php javascript angularjs
You are not signed in. Login or sign up in order to post.
It’s via ajax, modal or it comes off a page and goes to
login.php
? Do you want it to return to the source of the click? You can pass a variable to the redirect.– Papa Charlie
I am trying to do via PHP .... in the cases I am seeing the user eh directed to a specific page after login. What I need is for the user to continue on the page he was navendo after logging in. I still can not understand, because the header('Location:pagina.ext'); already specifies the page. If for example the user is not logged in, choose the product you want to buy, click the buy button and the site directs to the login/registration page. What I need is for it to return the purchase page that was before login was required.
– Felipe Lima Diniz
"the site directs to the login/registration page. What I need is for it to return the purchase page that was before login was required." Good in my view has a confusion there, if you want to allow him to choose products without logging in, the login can be done at the end, now that the choice parameters must go together after the login there is another 500...
– MagicHat