When to use $_SERVER["REQUEST_URI"] and why?

Black Sulfur
Black Sulfur used Ask the Experts™
on
I had this question after viewing Reverse asset logic not working.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Dave BaldwinFixer of Problems
Most Valuable Expert 2014
Commented:
$_SERVER["REQUEST_URI"] is the current page you are on.  In your previous question you had...
$_SESSION["entry_uri"] = $_SERVER["REQUEST_URI"];

Open in new window

which saves the current page in a Session variable.  You could read that value on other pages to see where you started in the current session.  This is useful when you have more than one page that people 'land on'.  I have been using cookies to remember landing pages but that is partly because a number of the pages are just HTML and not PHP.
Most Valuable Expert 2017
Distinguished Expert 2018

Commented:
The question is far too broad for a simple answer.

The server variable in question stores the full request URI for the current page - the uses for this information are varied including but not limited to

- Page Tracking
- Redirection (example after sign on)
- Routing
Most Valuable Expert 2011
Top Expert 2016
Commented:
In the context of this article, the "entry URI" is the web address of the page that was used to enter the web site, whether or not the client is presently logged in.  Here's why this matters.  

Let's say you have visited the site, logged in, and found an access controlled page that you want to share with a colleague, or that you want to bookmark.  The link to that page does not contain your login information; the page remains password protected.  So if you send me the link, when I visit the page, the access control routines will see that I do not have the session indicator that I'm logged in.  The access control routines will store the entry URI and send my browser to the login page.  After the login is successful, the site will redirect the browser back to the entry URI page.  

Without this scheme, the client browser does not know where to go after the login is complete.  Some sites might send you to the home or "welcome" page, but if that's what you want, why not just bookmark the home page?  The point of the design is to preserve the access control environment and at the same time give the client as much control as possible, resulting in a sensible design for both the client and server.

If you've checked the "remember me" box, there is a separate cookie that tells the site that you have already been authenticated, and no separate login is needed until the cookie expires.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial