0

I am using the following to lock in a location if a user isn't logged in so that I can return to this location once login is successful

$_SESSION['returnURL'] = htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES);

I am having no luck using this session variable in my header redirect. The contents of this variable currently is: /event.php?title=Test&id=16

if($sql->num_rows==1) {
    if (isset($_SESSION['returnURL'])){
        $_SESSION['username'] = $username;
        header("location:$_SESSION['returnURL'])";
        unset($_SESSION['returnURL']);
    } else {
        $_SESSION['username'] = $username;
        header('location:home.php');
    }
} else {
    die(header("location:login.php?login-failed=true&reason=not_found"));
}

When I replace the contents of $_SESSION['returnURL'] with the address that is stored in $_SESSION['returnURL'] it works perfectly. Something is presenting a problem when I use $_SESSION['returnURL'] variable with header I think.

Improve this question
3
  • 5
    Well you have a syntax error in the first header line. Commented Jan 3, 2016 at 23:08
  • Can you be specific...I'm not seeing it. As I mentioned, if I replace my variable with what is actually stored in the session (I am copying and pasting the contents), it works beautifully. Wouldn't a syntax error throw every time? Commented Jan 4, 2016 at 14:44
  • in header("location:$_SESSION['returnURL'])"; you're missing a closing) for the header function. I didn't post an answer because it might just be a typo. Also the answer below addresses your problem. Commented Jan 4, 2016 at 14:47

1 Answer 1

Reset to default
1

Problems with this line:

header("location:$_SESSION['returnURL'])";

Fix the closing bracket:

header("location:$_SESSION['returnURL']");

And use curly braces for array variables in quoted strings:

header("location:{$_SESSION['returnURL']}");

Also:

htmlspecialchars('/event.php?title=Test&id=16', ENT_QUOTES);
// Results in: /event.php?title=Test&id=16

Which is a different URL. You don't need to convert to html entities here.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I have fixed my typo and added curly braces. My session['returnURL'] is set, but not recognized. When I check what sessions are stored, I have: Array ( [returnURL] => /event-signup.php?title=The%20Seriousness%20of%20Enjoying%20Your%20Group%20Resistances&id=17 ) When I run the code I always get sent "home.php". My if statement is failing for some reason.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.