You can also use $page = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
----- Original Message ----- From: "John Holmes" <[EMAIL PROTECTED]> To: "'Dennis Moore'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Saturday, April 27, 2002 8:49 PM Subject: RE: [PHP] Sessions and Query String Variable Handling > $page = $_SERVER["SERVER_NAME"] . $_SERVER["SCRIPT_NAME"] . > $_SERVER["QUERY_STRING"]; > > That will recreate the URL that the user clicked on. Save that to a > variable before you check for a session. Once you start a session or > verify that one exists, use header() to send them back to that page. > > ---John Holmes. > > -----Original Message----- > From: Dennis Moore [mailto:[EMAIL PROTECTED]] > Sent: Saturday, April 27, 2002 2:37 PM > To: [EMAIL PROTECTED] > Subject: [PHP] Sessions and Query String Variable Handling > > Env: Apache 1.3.x/php4.0.6/mysql3.23.x > > Scenario: I have built a system that uses PHP sessions for user access. > Within the system I send user notifications via email. Within the > email are links to certain pages with variables. For example. > > http://mysite.com/view_page.htm?id=6 > > My system checks to see if the session is valid. Since the user is > coming from an email. There is no session. So the user is prompted for > the user and password. They enter and click submit. The authentication > passes the user to right page, but losses the variables in the query > string. Thus causing errors. > > Here is the authentication code... > #### set session settings from login form > if (!session_is_registered("valid_user") && $session_login=="proc") { > if ($userid && $password) { > // if the user has just tried to log in > > $db_conn = mysql_connect("localhost"); > mysql_select_db("$dbname", $db_conn); > $query = "select * from auth_users " > ."where auth_username='$userid' " > ." and auth_password='$password' "; > $result = mysql_query($query, $db_conn); > if (mysql_num_rows($result) >0 ) { > // if they are in the database register the user id > $valid_user = $userid; > $valid_group=mysql_result($result,0,"auth_group"); > $valid_perms=mysql_result($result,0,"auth_perms"); > $valid_auth_id=mysql_result($result,0,"auth_id"); > session_register("valid_user"); > session_register("valid_group"); > session_register("valid_perms"); > session_register("valid_auth_id"); > } else { > $invalid_login= "Invalid login: Could not log you in... > <!--ERROR: $dbname <P> $query-->"; > } > } > } > > Any Ideas on how to pass the query string variables through the > authentication process? > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
