i have a problem to redirect user to the requested page after login.
1-this are my files:login.php,register.php,protected.php,plan1.php,member.php et plan2.php,home.php
2-plan1,plan2, and member have a check before people have access.
3-when a user click on plan1 for exemple and get redirect on login.php
4-My problen is after logged in he goes directly to member.php
5-I would like that the user get redirect to plan1.php cause that's the page he wanted to visit.

i found a couple a solution but they didn't work.
///////////////////////////////////////////////////////////////////////////////////////
plan1.php

<?php

session_start();

if(!isset($_SESSION['username'])) 
{
header('Location: login.php');

exit;
}
?>

///////////////////////////////////////////////////////////////////////////////////////
login.php

<?php
session_start();

echo "<h1>Se connecter</h1>";

if(isset($_POST['submit']))
{
    $username=htmlspecialchars(trim($_POST['username']));
    $password=htmlspecialchars(trim($_POST['password']));

    if($username&&$password)
    {
    $password=md5($password);   
    $connect=mysql_connect('localhost','root','');
    mysql_select_db('test');

    $log=mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' ");
    $rows=mysql_num_rows($log);
    if($rows==1)
    {
    $_SESSION['username']=$username;    
    //header ('Location: membre.php');
    header('Location:membre.php'.$_GET['previouspage']);

    }else echo "Username/password is not valid";



    }else echo"Data missing";

}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>

<body>
<form method="post" action="login.php">
<p>Votre nom d'utilisateur</p>
<input type="text" name="username" />
<p>Votre password</p>
<input type="password" name="password" />
<p>
<input type="submit" value="Connect" name="submit" />
</p>
</form>
<p><a href="register.php">Register</a></p>
<p><a href="accueil.php">Welcome</a></p>

</body>
</html>

///////////////////////////////////////////////////////////////////////////////////////////////
membre.php

<?php
session_start();
if(isset($_SESSION['username'])){

    echo "Welcome" .$_SESSION['username']."<br/> <a href='logout.php'>Logout</a>";
    }
    else
    {
    header('Location:login.php');
}
?>

///////////////////////////////////////////////////////////////////////////////////////////////////

protected.php

<?php include 'login.php'; ?>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
Sorry you need to be a member to have access!
</body>
</html>

///////////////////////////////////////////////////////////////////////////////////////////////////////

home.php

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<p>
<?php
echo '<a href="plan1.php?previouspage='.urlencode($_SERVER['REQUEST_URI']).'">Plan1</a>';
?>
<br />
<?php
echo '<a href="plan2.php?previouspage='.urlencode($_SERVER['REQUEST_URI']).'">Plan2</a>';
?>
</p>
</body>
</html>

Thanks in advance.

The best way to do it is send the redirect parameter in the url to the login screen from the page that the user is currently on, and then when successfully logged in, check for the redirect and adjust the location header.

e.g. on plan1.php:

header('Location: login.php?redirect=plan1.php');

on login.php after verifying username/pass:

if (isset($_GET['redirect'])) {
    header('Location: ' . $_GET['redirect']);
} else {
    header('Location: member.php');
}

Your sql query $log=mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' "); ignored upper/lower letters and considers "e"=="é" etc, i recommended this: $log=mysql_query("SELECT * FROM users WHERE username LIKE BINARY '$username' AND password LIKE BINARY '$password' ");

if($rows==1) is not good "1" can be understood as TRUE considered as 1 or 2 or 3 or etc

Thx guys for those syntax mistakes, i've change them.
Anthony, i've made the modification like your suggest me but i still go directly to member.php

login.php

if($rows==true)
    {
    $_SESSION['username']=$username;    

    if (isset($_GET['redirect'])) {
        header('Location: ' . $_GET['redirect']);
    } else {
        header('Location: member.php');
    }

    }else echo "Nom utilisateur/password invalide";



    }else echo"Veuillez saisir tous les champs";

}
?>

///////////////////////////////////

home.php

<body>
Accueil
<p>
<?php
echo '<a href="plan1.php">Plan1</a>';
?>
<br />
<?php
echo '<a href="plan2.php">Plan2</a>';
?>
</p>
</body>

////////////////////////////////////////
plan1.php

<?php

session_start();

if(!isset($_SESSION['username'])) 
{
header('Location: login.php?redirect=plan1.php');
exit;
}
?>

what i forget to do?
Thx.

Does the browser go to 'login.php?redirect=plan1.php' when you go to the plan1.php page? Also, try testing with echo $_GET['redirect']; exit; from the login page just to check whether the redirect is getting across to the login page.

Try my suggestion above for checking whether the login.php page actually recognises that a redirect has been passed. Just below $_SESSION['username']=$username; in the login file, put:

echo $_GET['redirect'];
exit;

Now try and click the plan1 link again. You should see the redirect link 'plan1.php' written on the screen. If it doesn't, try $_REQUEST['redirect'].

like i said, redirected to login page, works fine and i can see the my requested link on my browser. so i think something is missing somewhere but where? :)

this is the error i get "Undefined index: redirect in C:....":

I'm not sure what to suggest as I can't reproduce this problem. Just try and make sure nothing's changing $_GET['redirect'] on login.php and try using $_POST and $_REQUEST instead of $_GET.

thx Anthony for your help! i keep you posted so i found the right way to to do that.

no problem :)

Since you have the session open at that point, it seems simplest just to use that. Save the path to the page that redirects to the login page in the session, and then once the login is successfull, use that session value to redirect back to that page.

In the pages that redirect to login.

if (/* Is not logged in */) {
    $_SESSION["login_redirect"] = $_SERVER["PHP_SELF"];
    header("Location: login.php");
    exit;
}

In the login page.

// Do the login stuff...

if (/* Login is successful */) {
    // Do whatever it is you have to do to finish the login...    

    // Then check if the login_redirect is set, and use that.
    // Otherwise just redirect back to members.php.
    if (isset($_SESSION["login_redirect"]) {
        header("Location: " . $_SESSION["login_redirect"]);

        // And remember to clean up the session variable after
        // this is done. Don't want it lingering.
        unset($_SESSION["login_redirect"]);
    }
    else {
        header("Location: members.php");
    }
    exit;
}

Thanks a lot Alti, you made my day. Everything works fine.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.