Passing Variables from HTML to and through PHP

[Strangeplant]

Hi, I have a html page that has several <a href='somepageurl'> tags. They call their respective php pages.

BUT! if the user is not logged on (no cookie), the user is immediately redirected to a logon page, where he is compared to the database, a session is started and a cookie is written, finally redirected (via Header Location: ) to index.php So, I need to determine which page he originally called to add the correct logic to get to the additional header location: redirects. How to pass a variable from a html page to the first php page to the second php page where sessions is started (which wipes out variables) and then to select the right final php page to go to?

So, it is supposed to go like this:

<a href 1,2,3,etc> THEN TO php page1,2,3,etc(check only cookie & session - nothing set) THEN REDIRECT TO logon page(session start & set cookie after validation) THEN REDIRECT TO php page 1,2,3,etc(check cookie & session again)

Of course the person MAY already have a valid cookie set, and that is validated in the php page, so the logon page may be skipped IF there is a valid session still current. Has anyone done something like this before? Iwould really appreciate your help. Thanks.

[thetestingsite]

I have done this several times. What you could do with the redirect page is either take the HTTP_REFERRER (spelling?) and use that in your header redirect. Or you could make a variable in each page (I'm assuming your logic is as follows:

Code:

if ($loggedIn == FALSE) {
header('Location: login.php');
}

else {
//continue with page

If that is the case, you could make a variable for the redirect. For example:

Code:

if ($loggedIn == FALSE) {
header('Location: login.php?redirect='.$_SERVER["PHP_SELF"]);
}

else {
//continue with page

Hope this helps with the redirect.

[Twey]

either take the HTTP_REFERRER (spelling?) and use that in your header redirect.

Your spelling is correct; however, the HTTP specification spells it incorrectly ("HTTP_REFERER") so we have to use this instead. This is a terrible idea, since the Referer header is stripped by many firewalls and proxies. People using these will be unable to log on.

Or you could make a variable in each page

Sessions are the easiest way to accomplish this. See here for an example.

[djr33]

It's also possible to just send the URL as a get variable....
<a href="<?php echo 'next.php?lastpage='.urlencode($_SERVER['REQUEST_URI']); ?>">

Sessions could do this, though, sure.

[Twey]

Possible, but not nearly as pretty, and much harder to keep track of.

[djr33]

Well, not sure what you mean by keep track of. It's easy to find. With a sessions or cookies setup, it could get complex if there's a lot going on.

As for pretty, no, it isn't. But it's simple. If this is a one page thing, I see that as a good idea.... no need for setting up sessions for the whole thing.

[Twey]

Well, not sure what you mean by keep track of. It's easy to find.

To pass a GET variable between pages without dropping it once is very difficult, especially if there are more than one possible route through the site. It becomes necessary to manually modify every link and form.

With a sessions or cookies setup, it could get complex if there's a lot going on.

Not so. You store the value in $_SESSION, then retrieve it when it's necessary. Simple as that.

[djr33]

It depends on exactly what's happening with the pages. If you needed to keep track of the last three pages, you would have to move $page2 to $page3, etc, though with just refreshing, you'd need to account for not replacing those, etc.
And, you'd have to setup sessions in the first place.

But I'm not suggesting my solution as an alternative for sessions on the whole site, jus for, specificially, if you need ONE page to lead to the next, as would be available with the HTTP_REFERER variable.

Yes, using get would be a nightmare, such as if someone just typed in the address by hand. I'm only referring to one generation of links

[Strangeplant]

Meanwhile, I've added to the top of the second page just after the session_start();

Code:

$uri="Location: ".basename($_GET["redirect"]);

and in the checking function

Code:

header('Location: index2.php?redirect='.$_SERVER["PHP_SELF"]);

and the redirect of

Code:

  header($uri);

Doesn't work, and I think the reason why is that the second page is recursive, (for rewriting/displaying the page again on form completion errors, etc) and the second entry does not have the URL appended

Code:

index2.php?redirect=/xxx/yy/zzz/program.php

as the first entry does. Haven't found a way around this yet.....because on the second entry, the $uri variable is null, but I think that the session is the same. BTW, this is php 5.x

[Strangeplant]

I realize this is Friday of a US 3-day weekend, but I need to continue to resolve this. I've gotten this far with your advice. The first time the third page executes, it now starts correctly as,

Code:

http//www.domain.com/xxx/yy/zzz/index2.php?redirect=/xxx/yy/zzz/program.php

But I realize now the problem is that the second time (and others if the entries are incomplete) the recursive third page executes, it has a URL of just the page, and it doesn't contain the previous wanted and correct $_GET part, i.e., it is

Code:

http://www.domain.com/xxx/yy/zzz/index2.php

and not the needed

Code:

http//www.domain.com/xxx/yy/zzz/index2.php?redirect=/xxx/yy/zzz/program.php

Of course this page, index2.php contains the php code to generate its html code, and I think that there should be something there to control the URL, perhaps I need to change something in the $_SERVER or $HTTP_SERVER_VARS arrays, (like $_NEXT_URL=$_LAST_URL )or maybe add something to the html generator, which now starts with this function:

Code:

function _begin_html()
{
  ?>
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
  <html>
  <head>
    <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1">
    <link rel="STYLESHEET" type="text/css" href="lib/style.css">
    <title>Data Access Authentication</title>
  </head>
  <body>
  <?
}

I figure that if the URL ALWAYS contains the redirect part, then the $_GET will always retrieve the target link and the header location statement will be correct. I just can't find the solution, so please, I need just a little bit more help. Thinking that I can do something like this:

Code:

$_SERVER['THER_RIGHT_VARIABLE']=$SERVER['SCRIPT_NAME'].'?'.$SERVER['QUERY_STRING']

I'm half way there now, but what is the right variable? Please let me know how to do this. Thanks