[RESOLVED] Login URL Redirect Not Working
Using php/mysql.
Based on access levels, if someone tries to get to an admin page (if they are not logged in) then the user is directed to admin.php
The URL of admin.php has a URL variable called accesscheck which equals the page that forced them to admin.php to login first.
After logging in, I want the user to be redirected to the page they tried to get to in the first place.
Here's the URL (example) that forces the user to the admin.php with URL variable:
The login ALWAYS goes to admin_console.php from the code below. It never redirects. Not sure why?Code:http://www.mysite.com/admin.php?accesscheck=%2Fadmin_viewinvoices.php
Anyone know why the URL redirect doesnt work? Thanks.Code:<?php require_once('Connections/connectCavage.php'); ?> <?php session_start(); ?> <?php if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { if (PHP_VERSION < 6) { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; } $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? doubleval($theValue) : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } ?> <?php // *** Validate request to login to this site. $loginFormAction = $_SERVER['PHP_SELF']; if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = urldecode($_GET['accesscheck']); } if (isset($_POST['username'])) { $loginUsername = $_POST['username']; $password = $_POST['password']; $MM_fldUserAuthorization = "access_level"; $MM_redirectLoginSuccess = "admin_console.php"; $MM_redirectLoginFailed = "admin.php"; $MM_redirecttoReferrer = false; mysql_select_db($database_connectCavage, $connectCavage); $LoginRS__query=sprintf("SELECT ID, Default_Office, Username, Password, Access_Level, staff.Company_ID FROM staff WHERE Username=%s AND Password=%s AND Active='Y'", GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); $LoginRS = mysql_query($LoginRS__query, $connectCavage) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $row_Login = mysql_fetch_assoc($LoginRS); $loginStrGroup = mysql_result($LoginRS,0,'Access_Level'); //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; $defoff = $row_Login['Default_Office']; if (!isset($defoff)){ $_SESSION['Default_Office'] = "all"; } else { $_SESSION['Default_Office'] = $row_Login['Default_Office']; } $UserID = $row_Login['ID']; $_SESSION['Staff_ID'] = $UserID; $CompanyID = $row_Login['Company_ID']; $_SESSION['Company_ID'] = $CompanyID; if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> ... ... ... ... </head>
Reply With Quote