- Code, Content, and Presentation
-- PHP Server Side Scripting
---- http referer and php header
- 12:49 pm on Feb 10, 2012
Isn't referer disabled for POST requests?
The referer should be saved in the session
the POST request, when the login form is first displayed. And should not be overwritten if the referer is blank (the page is refreshed etc.)
But yes, this is not ideal. The referer
be blank in the beginning, so you would have no choice but to be redirected to the index page on success in this instance.
An alternative would be to store the current URL
being redirected to the login page rather than checking the referer
the login page. This would probably be the better approach.
Brought to you by