Zubrag.com
May 16, 2012, 04:25:55 pm *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
 
   Home   Help Search Login Register  
Zubrag.com :: Forum > zubrag.com > Questions About Our Scripts > Password Protect > redirection after authentication
Pages: [1]
  Print  
Author Topic: redirection after authentication  (Read 2696 times)
jonryce
Newbie
*
Posts: 2
« on: April 17, 2007, 07:36:48 pm »
Thank you, awesome script.. I found it very helpful! I got it working very quickly with the helpful forum instructions.

One question I have is if it is possible after implementing the login/password form on the main page of a website (user must type in both username and password), can it be redirected to another page on the website after successful authentication?

Thanks again!

to be more clear: what I have done is put the appropriate php code before and after my <html></html> sections (this is my main page index.php), and currently successful authentication submission ends up in a blank page. I would like a succesful authentication to redirect the user to another page (i.e. privatepage.htm) instead. (I understand omitting the "incorrect password" part of the code will not display to the user when a wrong password is entered, it just stays on the current page which is ok). My form code reads:

<form method="post">
Login:<input type="input" name="access_login" />Password:<input type="password" name="access_password" /><input type="submit" name="Submit" value="LOGIN" />
  </form>
  <a style="font-size:9px" href="http://www.zubrag.com/scripts/password-protect.php" title="Download Webpage Password Protect">Powered by Webpage Password Protect</a>
Logged
zubrag
Administrator
Hero Member
*****
Posts: 753


WWW
« Reply #1 on: April 18, 2007, 02:14:14 am »
If you want to redirect to another page after successful login then add following code just before the ?> line at the end of the script

header('Location: http://www.mysite.com/path/to/privatepage.htm'); die();

so it would look like
header('Location: http://www.mysite.com/path/to/privatepage.htm'); die();
?>

But this will not protect against opening http://www.mysite.com/path/to/privatepage.htm directly. Every program you want to protect from direct linking must contain protection code.
Logged
jonryce
Newbie
*
Posts: 2
« Reply #2 on: April 19, 2007, 04:08:12 pm »
perfect, thank you for the fix and for the caution

cheers
Logged
recoding
Global Moderator
Jr. Member
*****
Posts: 71


WWW
« Reply #3 on: April 20, 2007, 04:41:19 am »
Just another note, could he/I do that with looking at the referrer information? Huh
Logged
zubrag
Administrator
Hero Member
*****
Posts: 753


WWW
« Reply #4 on: April 20, 2007, 07:36:33 am »
Not sure if i understood your note correctly. Yes, checking referrer would stop some direct-linkers.
But:
1) all htm files (which need to be protected) would need to be changed to check referrer (I assume via javascript, and some users have javascript disabled in the browser).
2) it is very easy to spoof the referrer (using browser plugins).
Logged
recoding
Global Moderator
Jr. Member
*****
Posts: 71


WWW
« Reply #5 on: April 20, 2007, 08:02:49 am »
Ah, didn't know about the referrer spoofing.

When i said about it was thinking of the $_SERVER['HTTP_REFERER']; command,
but if users can spoof it i guess its no use =[ worth the try tho,

thanks for responding Zubrag,
& thank you for all the scripts you have available, that are amazingly helpful!
Logged
Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC