asked on

Redirect after user login

Hello everyone,

I'm facing a problem and I can't get out of it.

I have a login page on my site, but the redirect redirects to the user's dashboard.
However, I would like if the user logs in through a page, any page, whether or not it contains parameters in the link, the redirect happens on that same page after logging in.

I tried several methods by combining javascript and PHP but I have no convincing results.

I am always redirected to the page without the parameters.
Here is my code and I ask for your precious help:

<?php
$page = $_SERVER["REQUEST_URI"];
echo "<script>location.reload();document.location.href='".$page."'</script>";

OR

echo "<script>window.location.reload();</script>";

OR
   
echo "var url = window.location.href;    
if (url.indexOf('?') > -1){
   url += '&key=".$page."'
}else{
   url += '?key=".$page."'
}
window.location.href = url;";

Open in new window

so if I'm sure domain.com/index.php it redirects me to the right page.
but if i am on domain.com/prod/product.php?key=123 it redirects me to domain.com/prod/product.php

Thank you

ASKER CERTIFIED SOLUTION

David H.H.Lee

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Jaber Ahmad

ASKER

Thank you David,

$protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] === 443 ? "https://" : "http://";
$page_url = "{$protocol}{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";
echo $page_url;
echo "<script>location.reload();document.location.href='".$page_url."'</script>";

Open in new window

shows me the full link of my page with my settings, but I am still redirected to domain.com/prod/product.php instead of domain.com/prod/product.php?key=123

David H.H.Lee

Try this fix:

echo "<script>location.reload(true);document.location.href='".$page_url."'</script>";

//OR, if you can get $page_url correctly, just remove location.reload()

Open in new window

Jaber Ahmad

ASKER

same problem :s
this is my only redirect code, I don't understand!

David H.H.Lee

if you can get $page_url correctly, just remove location.reload()

Jaber Ahmad

ASKER

None pass, I'm still redirected to the page without the parameters, yet $page_url displays the parameter well

echo "<script>location.reload();document.location.href='".$page_url."'</script>";
OR
echo "<script>location.reload(true);document.location.href='".$page_url."'</script>" ; 
OR
echo "<script>document.location.href='".$page_url."'</script>";

Open in new window

David H.H.Lee

Perhaps you may check if you have set any special RewriteRule in your config file?

Jaber Ahmad

ASKER

even when i hard key like this i get redirected to the page without parameters

echo "<script>document.location.href='domaine.com/prod/product.php?key=TC57'</script>" ;

Open in new window

David H.H.Lee

In this case, most likely you have set RewriteRule in .httaccess config file.

Jaber Ahmad

ASKER

here is my only redirect in my file

RewriteEngine On 
RewriteCond %{HTTPS} off 
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Open in new window

David H.H.Lee

Put no-cahe to your page and check again.

<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate">
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Expires" content="0">

Open in new window

Lastly, try restart your server if still not working.

Jaber Ahmad

ASKER

same problem (cry)

David H.H.Lee

Try redirect to other page with query parameters instead.

echo "<script>document.location.href='https://www.google.com/search?q=test';</script>" ;

Open in new window

Jaber Ahmad

ASKER

with the same header and all the content of a new page without going through the login button, it works. but in my login page it refuses. Can I send the connection file for you to preview the complete code?

David H.H.Lee

Can you share your code here? Perhaps you may censored those credential information before share it here.

Jaber Ahmad

ASKER

Here is basically my login file

<?php

include($_SERVER["DOCUMENT_ROOT"]."/includes/header.php"); 

$protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] === 443 ? "https://" : "http://";
$page_url = "{$protocol}{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";


if(isset($_POST['send_connection'])){

$txt_mail       = $_POST["txt_mail"];
$txt_password   = md5($_POST["txt_password"]);

$REQ = $pdo->query("SELECT * FROM tab_utilisateurs WHERE email='".$txt_mail."' AND password='".$txt_password."'");
$data = $REQ->fetch(PDO::FETCH_ASSOC);

if($REQ->rowCount() == 0) {
$msg_err = 'error';
} else {

if($data["conf_mail"] == 0) {
   $send_mail;
} else {

$_SESSION["CONNECT"]["USER_LOG"]["ID"]          = $data["id"];
$_SESSION["CONNECT"]["USER_LOG"]["NIC_HANDLE"]  = $data["nic_handle"];




echo '<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate">
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Expires" content="0">';
echo "<script>document.location.href='".$page_url."'</script>";




}}} else {

if(isset($_GET["email"]))       {$txt_mail = $_GET["email"];}
if(isset($_GET["password"]))    {$txt_password = $_GET["password"];}

} else { ?>

<div align="center">
    <form action="<?php echo $_SERVER["PHP_SELF"] ?>" method="post" enctype="multipart/form-data" name="Form" autocomplete="off">

    <?php echo $msg_err.$msg_val; ?>

    <div class="form-floating mb-3">
      <input type="email" class="form-control text-monospace" autocomplete="off" id="txt_mail" name="txt_mail" required>
      <label for="txt_mail">Adresse e-mail</label>
    </div>

    <div class="form-floating mb-3">
      <input type="password" class="form-control text-monospace" autocomplete="off" id="txt_password" name="txt_password" required>


      

        <div class="float-start"><a class="btn btn-link btn-sm" href="/dashboard/recover/">Mot de passe oublié ?</a></div>
        <div class="float-end"><button type="submit" class="btn btn-info" name="send_connection">Se connecter</button></div>
   </div>
        

    </form>

</div>

<?php } ?>

<?php include($_SERVER["DOCUMENT_ROOT"]."/includes/footer.php"); ?>

Open in new window

David H.H.Lee

try use timer to do the redirect.

echo "<script>alert('".$page_url."');</script>"
echo "<script>setTimeout(function(){document.location.href='".$page_url."';}, 100)</script>";

Open in new window

David H.H.Lee

Have you use php redirect method?

header('Location: '.$page_url);
die();

Open in new window

Jaber Ahmad

ASKER

The alert shows me the page without the parameters and therefore the redirect too.
No, I don't have a header('Location: '.$page_url); in my header or in my footer (attached to the login page.php)

Jaber Ahmad

ASKER

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([a-zA-Z0-9]+)/?$ redirect.php?key=$1 [L] 
</IfModule>

Open in new window

Could this module create this problem expressly on the login page (which does not succeed) and not the test page (which passes)?

Jaber Ahmad

ASKER

I think I understand where the problem comes from.

Before I click on the "connection" button, I display the link+parameter and it works, my echo is correct.
But once I click the button, the setting gets deleted.

So either it's due to the <form action="<?php echo $_SERVER["PHP_SELF"] ?>"

Open in new window

either I got confused

Jaber Ahmad

ASKER

Thank you David for your precious help. The problem was resolved. Indeed, I was doing my redirect in the <form action=""...

Your code:

$protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] === 443 ? "https://" : "http://";
$page_url = "{$protocol}{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";

Open in new window

was very profitable