Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I found many way for redirect to previous page after login and example :
$_GET – need to validate$_SESSION – will override the value if using multiple tabs$_SERVER['HTTP_REFERER'] – it’s sent by the browser to the serverOn form we can use
<form action="/process/?return=/previous/page/?id=123" method="post" />
or using hidden input.
<input type="hidden" name="return" value="$_GET or $_SESSION or $_SERVER" />
May I know what is the best practices to secure the return value?
The most common practice (also on e-commerce sites in payment checkout) is to have a hidden input with the URL to redirect to:
It seems to be secure enough for most people…