Home/ Questions/Q 6351083
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T21:56:04+00:00

How would I create a login link on a CakePHP page that contains a

  • 0

How would I create a login link on a CakePHP page that contains a query string with the current page so for example: domain.com/login/?back=/posts/This_is_a_post

and then how would I use this in the login method to send the user BACK to this url?

I have tried this: <?php echo $this->Html->link('Log in', array('controller'=>'users','action'=>'login','admin'=>false, '?'=> array('back'=>$this->here)), array('escape'=>false)); ?>

but it does this on the url /login?back=%2Fportfolio%2Fgt%2FCreatHive

how do I get it to NOT change the / in the URL

Cheers

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The best way to do this is to store the last page visited in a session at some point, probably when the page is loaded in the login action or something. Why you ask? As an attacked could make a link to your site eg: yoursite.com/login?back=mysite.com/login, so that when the user logs in, you send them to my site which is an exact duplicate of your login form and get them to login again. Voila, an attacker could now easily phish your users info.

    With sessions there’d be no url encoding problems either. Just something like this in your login action:

    $this->Session->set('back_to', $this->referer());

// Then if they have logged in:
$backTo = $this->Session->read('back_to');
if($backTo) {
    $this->redirect($back_to);
} else {
    $this->redirect($this->Auth->redirect());
}
    • 0