On Thu, 12 Aug 2004 14:34:11 -0600, Jed R. Brubaker <[EMAIL PROTECTED]> wrote: > Hello all. I am looking to create script will detect the page from which the > user just came so that after they do something on the current page (login) > it will send them back to the page they wanted. I was thinking about > $_SERVER['HTTP_REFERER'], but php.net says: > > 'HTTP_REFERER' > > The address of the page (if any) which referred the user agent to the > current page. This is set by the user agent. Not all user agents will set > this, and some provide the ability to modify HTTP_REFERER as a feature. In > short, it cannot really be trusted. > > Is this a big problem? Is there another technique I could use? >
It can be. Some firewalls (and some paranoid people) stop HTTP_REFERER altogether. Also, what would you do if the user failed their login? HTTP_REFERER would be set to the login page. What I've done in this situation is, when the person isn't logged in, before I redirect them to the login page, I store the current URL. (You can use cookies or a session). Once the login is done, redirect them back to the stored URL. -- DB_DataObject_FormBuilder - The database at your fingertips http://pear.php.net/package/DB_DataObject_FormBuilder paperCrane --Justin Patrin-- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
