Global Login Block sends no "wantsurl" to redirect back

Global Login Block sends no "wantsurl" to redirect back

by Andreas Giesen -
Number of replies: 2

(Sorry for the crossposting, but I got no answer in the general developer forum and I thought I might have picked the wrong forum)

I use a custom theme with a login on every page with the code derived from the login block. Now since the login block is usually meant only for the frontpage, the user is redirected to the frontpage after login, not using the $SESSION->wantsurl to redirect to where the user came from. 


I already tried setting $_SESSION['wantsurl'] to $_SERVER['REQUEST_URI'] in the page with the login-form and echo'ing $_SESSION['wantsurl'] after that shows the right value is in there. But it still doesn't get picked up by /login/index.php 


I think I have the right concept, but still nothing works. Once I had it working but then the other ways of logging in didn't work anymore. 


Thanks in advance for any helpful input smile 



Average of ratings: -
In reply to Andreas Giesen

Re: Global Login Block sends no "wantsurl" to redirect back

by Andreas Giesen -

If I add this in the login form: 

$_SESSION['wantsurl'] = $_SERVER['REQUEST_URI']; 


and add to /login/index.php:

// login page requested session test
if ($testsession) {
    if ($testsession == $USER->id) {
 		if (isset($_SESSION['wantsurl'])) {
        $urltogo = $_SESSION['wantsurl'];
		} 	
		else if (isset($SESSION->wantsurl)) {
            $urltogo = $SESSION->wantsurl;
        } else {
            $urltogo = $CFG->wwwroot.'/';
        }
		unset($SESSION->wantsurl);
        redirect($urltogo);
    } else {
        // TODO: try to find out what is the exact reason why sessions do not work
        $errormsg = get_string("cookiesnotenabled");
        $errorcode = 1;
    }
}

at least I can log in via the global login block and get redirected to the page I logged in from. But now when trying to logout and log in via the regular login page, there is an error: "You are already logged in as..." I suppose now the session does not get closed after logout, but why? How does the added code affect logout session handling? 

Average of ratings: -
In reply to Andreas Giesen

Re: Global Login Block sends no "wantsurl" to redirect back

by Andreas Giesen -

Finally.…  !!!!!1111!1!! ;) 

Add to form-page: 

<input type="hidden" name="backtocat" value="<?php echo $_SERVER['REQUEST_URI']; ?>">

Add to /login/index.php

if (isset($_POST['backtocat'])) {
$_SESSION['backtocat'] = $_POST['backtocat']; } 

// login page requested session test
if ($testsession) {
    if ($testsession == $USER->id) {
 		if (isset($_SESSION['backtocat'])) {
                $urltogo = $_SESSION['backtocat'];
		} 	
		else if (isset($SESSION->wantsurl)) {
            $urltogo = $SESSION->wantsurl;
        } else {
            $urltogo = $CFG->wwwroot.'/';
        }
		unset($SESSION->wantsurl);
        redirect($urltogo);
    } else {
        // TODO: try to find out what is the exact reason why sessions do not work
        $errormsg = get_string("cookiesnotenabled");
        $errorcode = 1;
    }
}

The point I was missing all the time was that the session variable I was trying to set like in the post before was reset on every page because the login block is on every page in the header. By sending the variable via the hidden input I make sure that it is only present when actually logging in. In the login.php it has - when present - to be written to a session variable because of the testsession redirect otherwise it gets lost. 

Average of ratings: -