i used header(Location:javascript:go.back(-2))..... it works like a charm... basicly it will go back to the history of the second (which is the page before login.page) all the variables are still there...
On Apr 8, 2005 1:38 AM, Patrick Bierans <[EMAIL PROTECTED]> wrote: > > > In light that everyone pointed out how insecure the HTTP_REFERER value is > > since it can be spoofed > > by the right browser and user... > > > > Why not write a small PHP function and include it in the top of every > > critical page. When the page > > is loaded your routine will check required credentials. If the user need > > to login to see the page > > then display another include. Do not refer them to another page or URL. > > Then you do not have to > > worry about where they came from to be able to send them back. Then once > > they have posted the sign > > on form it posted back to itself see PHP_SELF. > > > > This is all along the line of have a form page that when submitted sends > > the information to itself > > and not another form processing page. You can check the PHP variable to > > see if the form was > > submitted or if the user just landed on the given page. > > Again I point to my application structure example. It's really useful. > http://bierans.de/shared > > > Community email addresses: > Post message: [email protected] > Subscribe: [EMAIL PROTECTED] > Unsubscribe: [EMAIL PROTECTED] > List owner: [EMAIL PROTECTED] > > Shortcut URL to this page: > http://groups.yahoo.com/group/php-list > Yahoo! Groups Links > > > > > Community email addresses: Post message: [email protected] Subscribe: [EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] List owner: [EMAIL PROTECTED] Shortcut URL to this page: http://groups.yahoo.com/group/php-list Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/php-list/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
