I'm using sessions with LDAP authentication. After the session expires, if the user clicks on anything on the current page, they're brought to the login screen. On login, they're dumped at the default home page. What's the best way to get the user back to where they were? Do I need to log each page visit to MySQL or something and look it up on login?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Return to last page after session expire
- Thread starter MikeM2468
- Start date
HTTP_REFERER might be used to capture the referring page that led to the login page.
log the last [x] page requests in a session variable. hopefully the session is expiring simply because of a timeout against a variable rather than a garbage collect (which would erase the session store).
if the session is being erased then you'll need to store the 'session' data in a persistent manner associated with the LDAP login.
if the session is being erased then you'll need to store the 'session' data in a persistent manner associated with the LDAP login.
- Thread starter
- #4
You might be looking at one step back in time when you really need to see two or more steps. This really depends on how you direct the flow of pages. Does a single page check authentication and if absent, include a login form on the same PHP page? Or does the page check authentication and if absent, redirect to another PHP page that says "you do not have access, click here to log in", and finally lead you to a third PHP login page? In the latter example, neither the HTTP_REFERER or last page visited session variable will work if you have a global include recording the URL of every page visited... because you don't want to be capturing that middle page in the history.
- Thread starter
- #6
This is what each page has for an included header:
As you can see, the second part throws an unauthorized message and a link to the login if they hit the page directly without a login.
Code:
session_start();
// set timeout period in seconds
$inactive = 900;
// check to see if $_SESSION['timeout'] is set
if(isset($_SESSION['timeout']) ) {
$session_life = time() - $_SESSION['timeout'];
if($session_life > $inactive) {
session_destroy();
header("Location: /login.php");
}
}
$_SESSION['timeout'] = time();
if (!isset($_SESSION['user'])) {
echo ("Unauthorized Access");
echo ("<br />");
echo ("<a href=/login.php>Click here to login</a>");
exit();
}As you can see, the second part throws an unauthorized message and a link to the login if they hit the page directly without a login.
I'm faced with the same issue. I used jQuery to solve this by hooking and recording in a js var the [tt]href[/tt] of all clicked anchors. If a login is required and completed, I redirect the user to the href prior to the href that triggered the login form. This casues issues if your href is not a page (like if it were an ajax call). To get around this, I gave each anchor I wanted to capture a class="historyHook". This way, I only hook the anchor that have the class of "historyHook".
This works for me because I was able to take advantage of jQuery. Even though it's not an appropriate solution for this forum, it may provoke a PHP solution in someone.
-Geates
This works for me because I was able to take advantage of jQuery. Even though it's not an appropriate solution for this forum, it may provoke a PHP solution in someone.
-Geates
there is no magic to it, so i doubt a tutorial exists
the thing to be sure of is that you do not output any data at all to the browser (not even a space) before you have called goBack();
put the above in a library file that is always loaded first.
Warning: this is typed straight into the TT editor and not tested for syntax errors etc.
Code:
[b][COLOR=#0000FF]if[/color][/b][COLOR=#990000]([/color][b][COLOR=#000000]session_id[/color][/b][COLOR=#990000]()[/color] [COLOR=#990000]==[/color] [COLOR=#FF0000]''[/color][COLOR=#990000])[/color] [b][COLOR=#000000]session_start[/color][/b][COLOR=#990000]();[/color]
[b][COLOR=#000000]cachePages[/color][/b][COLOR=#990000]();[/color]
[b][COLOR=#0000FF]function[/color][/b] [b][COLOR=#000000]cachePages[/color][/b][COLOR=#990000]()[/color][COLOR=#FF0000]{[/color]
[b][COLOR=#0000FF]if[/color][/b] [COLOR=#990000](![/color][b][COLOR=#0000FF]isset[/color][/b][COLOR=#990000]([/color][COLOR=#009900]$_POST[/color][COLOR=#990000])[/color] [COLOR=#990000]||[/color] [b][COLOR=#000000]count[/color][/b][COLOR=#990000]([/color][COLOR=#009900]$_POST[/color][COLOR=#990000])[/color] [COLOR=#990000]==[/color] [COLOR=#993399]0[/color][COLOR=#990000]):[/color] [i][COLOR=#9A1900]// this is not a post so probably non-idempotent and ignore it[/color][/i]
[COLOR=#009900]$_SESSION[/color][COLOR=#990000][[/color][COLOR=#FF0000]'pages'[/color][COLOR=#990000]][][/color] [COLOR=#990000]=[/color] [b][COLOR=#0000FF]array[/color][/b][COLOR=#990000]([/color][COLOR=#FF0000]'request'[/color][COLOR=#990000]=>[/color][COLOR=#009900]$_SERVER[/color][COLOR=#990000][[/color][COLOR=#FF0000]'REQUEST_URI'[/color][COLOR=#990000]],[/color] [COLOR=#FF0000]'queryString'[/color][COLOR=#990000]=>[/color][COLOR=#009900]$_GET[/color][COLOR=#990000]));[/color]
[b][COLOR=#0000FF]endif[/color][/b][COLOR=#990000];[/color]
[b][COLOR=#000000]cleansePageCache[/color][/b][COLOR=#990000]();[/color]
[COLOR=#FF0000]}[/color]
[b][COLOR=#0000FF]function[/color][/b] [b][COLOR=#000000]cleansePageCache[/color][/b][COLOR=#990000]()[/color][COLOR=#FF0000]{[/color]
[b][COLOR=#0000FF]if[/color][/b][COLOR=#990000]([/color][b][COLOR=#000000]count[/color][/b][COLOR=#990000]([/color][COLOR=#009900]$_SESSION[/color][COLOR=#990000][[/color][COLOR=#FF0000]'pages'[/color][COLOR=#990000]])[/color] [COLOR=#990000]<=[/color] [COLOR=#993399]10[/color][COLOR=#990000])[/color] [b][COLOR=#0000FF]return[/color][/b][COLOR=#990000];[/color]
[b][COLOR=#0000FF]for[/color][/b][COLOR=#990000]([/color][COLOR=#009900]$i[/color] [COLOR=#990000]=[/color] [b][COLOR=#000000]count[/color][/b][COLOR=#990000]([/color][COLOR=#009900]$_SESSION[/color][COLOR=#990000][[/color][COLOR=#FF0000]'pages'[/color][COLOR=#990000]]);[/color] [COLOR=#009900]$i[/color] [COLOR=#990000]<=[/color] [COLOR=#993399]10[/color][COLOR=#990000];[/color] [COLOR=#009900]$i[/color][COLOR=#990000]--):[/color]
[b][COLOR=#000000]array_shift[/color][/b][COLOR=#990000]([/color][COLOR=#009900]$_SESSION[/color][COLOR=#990000][[/color][COLOR=#FF0000]'pages'[/color][COLOR=#990000]]);[/color]
[b][COLOR=#0000FF]endfor[/color][/b][COLOR=#990000];[/color]
[COLOR=#FF0000]}[/color]
[b][COLOR=#0000FF]function[/color][/b] [b][COLOR=#000000]goBack[/color][/b][COLOR=#990000]([/color][COLOR=#009900]$x[/color] [COLOR=#990000]=[/color] [COLOR=#993399]1[/color][COLOR=#990000])[/color][COLOR=#FF0000]{[/color]
[COLOR=#009900]$locationBits[/color] [COLOR=#990000]=[/color] [b][COLOR=#0000FF]isset[/color][/b][COLOR=#990000]([/color][COLOR=#009900]$_SESSION[/color][COLOR=#990000][[/color][COLOR=#FF0000]'pages'[/color][COLOR=#990000]][[/color][b][COLOR=#000000]count[/color][/b][COLOR=#990000]([/color][COLOR=#009900]$_SESSION[/color][COLOR=#990000][[/color][COLOR=#FF0000]'pages'[/color][COLOR=#990000]])[/color] [COLOR=#990000]-[/color] x[COLOR=#990000]])[/color] [COLOR=#990000]?[/color] [COLOR=#009900]$_SESSION[/color][COLOR=#990000][[/color][COLOR=#FF0000]'pages'[/color][COLOR=#990000]][[/color][b][COLOR=#000000]count[/color][/b][COLOR=#990000]([/color][COLOR=#009900]$_SESSION[/color][COLOR=#990000][[/color][COLOR=#FF0000]'pages'[/color][COLOR=#990000]])[/color] [COLOR=#990000]-[/color] x[COLOR=#990000]][/color] [COLOR=#990000]:[/color] [COLOR=#FF0000]''[/color][COLOR=#990000];[/color]
[b][COLOR=#0000FF]if[/color][/b] [COLOR=#990000](![/color][b][COLOR=#000000]is_array[/color][/b][COLOR=#990000]([/color][COLOR=#009900]$locationBits[/color][COLOR=#990000]))[/color] [b][COLOR=#0000FF]return[/color][/b] false[COLOR=#990000];[/color]
[b][COLOR=#0000FF]if[/color][/b][COLOR=#990000]([/color][b][COLOR=#000000]headers_sent[/color][/b][COLOR=#990000]())[/color] [b][COLOR=#0000FF]return[/color][/b] false[COLOR=#990000];[/color]
[b][COLOR=#000000]session_write_close[/color][/b][COLOR=#990000]();[/color]
[b][COLOR=#000000]header[/color][/b][COLOR=#990000]([/color][COLOR=#FF0000]"Location:"[/color][COLOR=#990000].[/color] [COLOR=#009900]$_SESSION[/color][COLOR=#990000][[/color][COLOR=#FF0000]'pages'[/color][COLOR=#990000]][[/color][b][COLOR=#000000]count[/color][/b][COLOR=#990000]([/color][COLOR=#009900]$_SESSION[/color][COLOR=#990000][[/color][COLOR=#FF0000]'pages'[/color][COLOR=#990000]])[/color] [COLOR=#990000]-[/color] x[COLOR=#990000]][[/color][COLOR=#FF0000]'request'[/color][COLOR=#990000]][/color] [COLOR=#990000].[/color] [COLOR=#FF0000]'?'[/color] [COLOR=#990000].[/color] [b][COLOR=#000000]http_build_query[/color][/b][COLOR=#990000]([/color][COLOR=#009900]$_SESSION[/color][COLOR=#990000][[/color][COLOR=#FF0000]'pages'[/color][COLOR=#990000]][[/color][b][COLOR=#000000]count[/color][/b][COLOR=#990000]([/color][COLOR=#009900]$_SESSION[/color][COLOR=#990000][[/color][COLOR=#FF0000]'pages'[/color][COLOR=#990000]])[/color] [COLOR=#990000]-[/color] x[COLOR=#990000]][[/color][COLOR=#FF0000]'queryString'[/color][COLOR=#990000]]));[/color]
[b][COLOR=#0000FF]die[/color][/b][COLOR=#990000]();[/color]
[COLOR=#FF0000]}[/color]the thing to be sure of is that you do not output any data at all to the browser (not even a space) before you have called goBack();
put the above in a library file that is always loaded first.
Warning: this is typed straight into the TT editor and not tested for syntax errors etc.
- Thread starter
- #9
- Thread starter
- #11
- Thread starter
- #13
- Status
Similar threads
