Members can view posts and I've added a 'interest' link so they can click on it and the poster can see the member is interested in their post. However what I'd like to do is send an email when a user shows interest and within that email include a link to the users interests table.

I have done sending emails with PHP before, so I think I could manage this, and I would obviously just include a link to the interest table within the email. However what I was thinking about was that if a user clicks on the link they will not be logged in - therefore my authentication will ask them to login. BUT THEN what I want to happen is that on login they should go to the interests table. In other words the system needs to somehow know where the user wants to login to and when they have logged in it can go to that page. (Hope that makes sense)

This is what I think I need to do:
1- I need to set a session var with the requestedURL...
2- Goto the login page
3- If the session exists the login page will know to redirect to that

Sounds ok to me, I think that's right :ehh:

Anyway I was messing about trying to figure this out and I got to the point where I thought on every single page I'll start off by adding the pageURL to the requestedURL session. This way whenever you go to a page and you need to login the session will be set.

This is what I was going to add:


session_start();
session_register("s_requestedURL");
$s_requestedURL = "page.php";


Then I thought will that just be creating lots of sessions or will that be creating errors or something? Basically, what is the correct method I should deal with this task??? Cheers

I'm not sure how your login page is set up, but you can do something like this:

login.php
<?php
if($_SERVER['REQUEST_METHOD'] == "POST"){
//form was submitted
//did they want a return page?
if(isset($_POST['return']))
$return = $_POST['return'];
//make sure the page exists, if it doesn't delete the variable
if(!file_exists($return . '.php'))
unset($return);

//rest of your error checking and stuff here
if(successful_login){
//if they had a return page, redirect them and exit
if(isset($return)){
header('Location: ./' . $return . '.php');
exit;
}
//they didn't have a return page, so print out the successful login stuff
?>
you successfully logged in!
<?php
}else{
//not submitted yet
//do they want a return page?
$return = (isset($_GET['return']) && $_GET['return'] != '') ? $_GET['return'] : '';
?>
<form action="login.php">
<?php if($return != ''){ ?>
<input type="hidden" name="return" value="<?php echo $return; ?>" />
<?php } ?>
<!-- rest of your form goes here -->
</form>
<?php } ?>

It's very incomplete, but I think it will give you an idea of what you could do. This way, in your email you can basically link to it like this:
http://www.example.org/login.php?return=page

after successfully logging in, if "page.php" exists it will immediately redirect to "page.php"

edit: also, if the user puts in the WRONG login information, you should carry the $_POST['return'] over again so that it will still exist. depending on HOW you set it all up, you could do:
if(isset($_POST['return']))
$_GET['return'] = $_POST['return'];
then, the form would pick it up too.. but you'd have to set up the login page I made above a little bit differently for this to work the way you'd expect it to (since there's an "ELSE," you will have to remove it and check if some variable that sets whether to print the form is true or not). hope that makes sense.

Members can view posts and I've added a 'interest' link so they can click on it and the poster can see the member is interested in their post. However what I'd like to do is send an email when a user shows interest and within that email include a link to the users interests table.

I have done sending emails with PHP before, so I think I could manage this, and I would obviously just include a link to the interest table within the email. However what I was thinking about was that if a user clicks on the link they will not be logged in - therefore my authentication will ask them to login. BUT THEN what I want to happen is that on login they should go to the interests table. In other words the system needs to somehow know where the user wants to login to and when they have logged in it can go to that page. (Hope that makes sense)

This is what I think I need to do:
1- I need to set a session var with the requestedURL...
2- Goto the login page
3- If the session exists the login page will know to redirect to that

Sounds ok to me, I think that's right :ehh:

Anyway I was messing about trying to figure this out and I got to the point where I thought on every single page I'll start off by adding the pageURL to the requestedURL session. This way whenever you go to a page and you need to login the session will be set.

This is what I was going to add:


session_start();
session_register("s_requestedURL");
$s_requestedURL = "page.php";


Then I thought will that just be creating lots of sessions or will that be creating errors or something? Basically, what is the correct method I should deal with this task??? Cheers
You are doing it correctly by storing the redirect URL in a session variable. It is better to use $_SESSION rather than session_register() however. Once the use has logged in, you can simply send a redirect or refresh to send the use to the page they requested.

You may also want to save the current state of the $_POST, $_REQUEST and $_GET variables, to replicate any data the user has sent.

if (! $_SESSION['authenticated']) {
$_SESSION['state'] = array('POST' => $_POST, 'GET' => $_GET, 'REQUEST' => $_REQUEST);
$_SESSION['redirect'] = $_SERVER['PHP_SELF'];

}


When the user logs on you redirect the user using the session variable you set.

if (isset($_SESSION['redirect'])) {
header('Location: ' . $_SESSION['redirect']);
}


You can check on each page to see if there was a saved state and restore it:

if (isset($_SESSION['state'])) {
$_GET = $_SESSION['state']['GET'];
$_POST = $_SESSION['state']['POST'];
$_REQUEST = $_SESSION['state']['REQUEST'];
}

Hey thanks for that but I'm finding it hard to follow to be honest; can you explain if there are any advantages of it over my original post? It's just that I found way to be simpler I spose, like I could follow what I was doing...obviously I'm sure you're way is right too :)

The thing is I'm just wondering how this would work:

session_start();
session_register("s_requestedURL");
$s_requestedURL = "page.php";

On every page? Would that create lots of sessions or just overwrite the exisiting one as wanted?

Hey thanks vAd, I saw your post after I'd posted my reply... anyway I'm testing it now...!

Would that create lots of sessions or just overwrite the exisiting one as wanted?
Each user gets given a single session during their browsing session. So you can use session_start() in as many scripts as you please. PHP will automatically remove session that have not been used for a set time period so you don't have to worry about that.

Only call session_start() when you need to access the $_SESSION variable however, as there is a slight time delay associated with opening an retrieving session data.

A single session? I can still have different sessions though right? For instance one for redirect, one for userid etc? One wont get killed for the other will it? lol...

Actually I've run into a problem;

I've got a levels page and I added this to the top:


session_start();
$_SESSION['redirect'] = "levels.php";


Then in my login script, when all validation has been done etc:


// if the session redirect exists just send the user there
session_start();
if (isset($_SESSION['redirect'])) {
header('Location: ' . $_SESSION['redirect']);
}


However it's not working - the user gets sent to the the default login page... Could it be because I've got my authentication in the line:


require_once("auth.php");


And that is being run on levels.php before it has a chance to make the sessions var??

Right messed about a bit and fixed it, I checked and session[redirect] WAS passing so I fixed the if..loop on my login page and now it works ok - fingers crossed any testing won't show problems.

Thanks again guys! Really appreciate it!

*Haha I still have to test it with the email thing yet, so I'll get back to you with that!! :wave: *

Ok heres one:

When logging out I do this:


unset($_SESSION['redirect']);



And in login there is this:


session_start();
if (isset($_SESSION['redirect'])) {
header('Location: ' . $_SESSION['redirect']);
//echo "$_SESSION['redirect']";
} else {


However on testing it seems that even after logging out and logging back in, I'm being redirected to the redirect session. Therefore it's still there and not being deleted as I thought - any fix on this??

Have you called session_start() on the logout page?

Ohh, no I didn't (!)

Do I have to do a separate session_start for each $session?

You're confusing sessions for session variables. One user session contains many variables.

Ok fine, I got this sorted - so just to clarify one session can indeed have more than one variable and each time I'm accessing a session var I have used 'session_start()' which has worked fine. cheers!