0

I'm trying to create a working Login for a project.

I already have a file "Login" with a form that take email and password, this data get send to another file "Control_login" and if they match with the data in the database "Control_login" redirect you to the home page (logged) if not "Control_login" redirect you again to the login page.

So what i want is that when "Control_login" redirect to the login page i want a pop-up alert that say that the email or the password are wrong.

I already know how to create a pop-up but i don't know how to make it appear after the user get redirected from "Control_login" to "Login".

Thank for the help.

Cid
  • 14,968
  • 4
  • 30
  • 45
BefitMango706
  • 13
  • 8
  • there is the request header "Referer" – Sherif Sep 26 '21 at 10:15
  • 1
    You can use the `$_SERVER['HTTP_REFERER']` global value to access the previous page of the user. Keep in mind this value is provided by the client so can be modified. Handle this data with caution. – MaartenDev Sep 26 '21 at 10:17
  • it's `$_SERVER['HTTP_REFERER']`, but you can also keep track of it via a `$_SESSION` variable. Tons of ways to do this, even via Javascript. – Dorvalla Sep 26 '21 at 10:17
  • 3
    xy problem.. everyone jumps on the wrong solution. You don't need to get the referer, you should put the alert in session then do a simple check on the page to look to see if there is an alert in session then display it, then at the end of the if statement clear the value from the session. This is how most systems do it, its called flashbag – Lawrence Cherone Sep 26 '21 at 11:09

1 Answers1

3

You can use the $_SERVER['HTTP_REFERER'] global value to access the previous page of the user. Keep in mind this value is provided by the client so can be modified. Handle this data with caution.

More information from the request can be found in the $_SERVER global. Checkout the PHP Docs.

MaartenDev
  • 5,631
  • 5
  • 21
  • 33
  • [`$_SERVER['HTTP_REFERER']` should not be trusted, ever](https://stackoverflow.com/questions/6023941/how-reliable-is-http-referer). – Tigger Sep 26 '21 at 10:20
  • That's why I put the `Keep in mind this value is provided by the client so can be modified.` Most built-in ways to detect the previous page can be spoofed because they are provided by the client. You could store the browse history in the session to prevent tampering – MaartenDev Sep 26 '21 at 11:56
  • You presented a broken solution that encourages a reliance on a feature that can not be trusted - even with the caution text. Stack Overflow is about finding a solution to a problem and your answer creates another problem. – Tigger Sep 26 '21 at 21:46
  • If it's just "flashing" the data for a single request sessions can be used to store a message and clear it on the next page load. However this question doesn't make it clear if that would fit their needs. – MaartenDev Sep 27 '21 at 09:34