There are two simple solutions to this problem. The first you've already mentioned -- store the original link in some hidden form input field.
The other way is to store the original link in a session variable.
When you think about it, storing the original link in a hidden form field is just one way of persisting data -- something that the session variable was *designed* to do... so why not use it?
Here's a simple example:
<?php // login_check.inc.php
if (!logged_in()) // assume that you've written logged_in().
{
$_SESSION['original_url'] = $_SERVER['PHP_SELF']
header("Location: login.php");
exit();
}
?>
<?php // Any password-protected page:
session_start();
require_once('login_check.inc.php'); // redirects anyone who's not logged in.
// Here we can assume that everyone's logged in.
// Proceed with the rest of the script.
...
?>
<?php // login.php
session_start();
if (isset($_POST['username'] && $_POST['password']))
{
// validate user login.
...
$target_url = isset($_SESSION['original_url'])
? $_SESSION['original_url']
: 'member_main.php';
if (login_valid)
{
header("Location: {$target_url}");
exit();
}
else display some invalid login error
}
// generate the login form here.
...
?>
Hope the above gives you ideas.
Take care,
Nik
http://www.bigaction.org/