PHP header and $_SESSION?

Up vote 1 down vote favorite share g+ share fb share tw.

Mod=admin will redirect to login. Php After authentication I would like to redirect user to page he came from with CMS functionalities enabled For that I store current page url in a session before user go to login. Php url.class.

Php script function curPageURL() { session_start(); $pageURL = 'http'; if ($_SERVER"SERVER_PORT"! = "80") { $pageURL . = $_SERVER"SERVER_NAME".

":". $_SERVER"SERVER_PORT". $_SERVER"PHP_SELF"; } else { $pageURL .

= $_SERVER"SERVER_NAME". $_SERVER"PHP_SELF"; } $_SESSION'url' = $pageURL; } Login. Php script: if validation successful I start a session and TRY to redirect user to page he came from: if($num_rows == 1){ session_start(); $_SESSION'username'; header('Location: ' .

$_SESSION'url'); } I get a "session had already started" error. But if I redirect to a specific page (homepage for instance) then all is working fine. For instance -> header('Location: index.

Php'); php session redirect header link|improve this question edited Mar 18 '11 at 14:57 asked Mar 18 '11 at 11:29Greg162 0% accept rate.

– hcb Mar 18 '11 at 11:33 If $_SESSION'username' exist then I know user is logged in – Greg Mar 18 '11 at 11:34 in that case you have to put an if (isset($_SESSION'username')){ } around the header instead of that line. The redirect should work though, if the url is correct and you don't output any html before the header statement. – hcb Mar 18 '11 at 11:36 you know you have to use session_start() also in the function curPageURL?

– hcb Mar 18 '11 at 11:42.

I get a "A session had already been started" error. – Greg Mar 18 '11 at 12:18 then chances are you have session_start() declared elsewhere in your code and this has been executed prior to the declaration here. Comment out session_start() and see what happens.

Also as somebody else mentioned $_SESSION'username' needs to be contained in an if statement to actually do something. – Adam Pointer Mar 18 '11 at 12:22 http_referer is not always available, and may not be the page from which the user came. It's user-provide data and can contain literally anything.

– Marc B Mar 18 '11 at 14:29 Good call Marc, referer headers can be disabled in the browser. – Adam Pointer Mar 18 '11 at 15:05 Every page of the site contains url.class. Php (which saves current page url).

So yes a session_start() is already declared. Does it mean that by removing "session_start();" from login. Php function, session is still active and $_SESSION'username' will be created?

– Greg Mar 18 '11 at 15:47.

In url.class. Php, has you already started the session? Your problem could be that you haven't started the session, and hence no session data can be stored.

In your url.class. Php try checking that the session variables hold the values that you want.

I amended my post - yes I started the session in url.class. Php - that's why I'm getting an error when doing -> header('Location: ' . $_SESSION'url'); – Greg Mar 18 '11 at 13:28.

Anywhere on my website user can start CMS I assume you mean that the website is implemented via a CMS and that the user can gain access to elevated privileges / additional functionality at any stage by appending to the query string. Store current page url in a session Erk. This is not the right place to store this information - it should be passed via the URL (or via POST - but that's not going to work across redirection): session_start(); if (!is_auth_for_cms() && $_GET'mod'=='admin') { // simplified a bit... $comeback='http://' .

$_SERVER'HTTP_HOST' . $_SERVER'REQUEST_URI'; // rewriting the get trigger avoids short circuit looping problems $comeback=urlencode(str_replace('mod=admin', 'mod=auth', $comeback)); header("Location: " 'http://' . $_SERVER'HTTP_HOST' .

"/login. Php? Backto=$comeback"; } Leaving aside the typos in your code, what is the question?

If($num_rows == 1){ session_start(); $_SESSION'username'; header('Location: ' . $_SESSION'url'); } What do you think the third line does?

Apologies - my question has been removed by mistake. Just edited my original post. – Greg Mar 18 '11 at 12:16.

If thats the error you are getting then you need to check to see if you've already started the session somewhere else. In which case you need to put: if(!isset($_SESSION)){ session_start(); } In place of where you put your normal session_start().

That might actually be the solution (unfortunately I cannot do a test right now). Url.class. Php is included in every pages so a session is already started.

– Greg Mar 18 '11 at 15:54 Good, I had the same issue once before. You can only create a session once per page. I hope it does work for you.

– Steve Mar 19 '11 at 10:35.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.