Is it possible to redirect user to a different URL after logging in?

Discussion in 'Customization & add-ons' started by tomfra, Nov 21, 2007.

  1. tomfra

    tomfra Member

    Joined:
    Dec 21, 2006
    Messages:
    199
    Is there an easy way to redirect the user after he/she logs in at /amember/member.php, to an URL of our choice? I can do it with some code hacking of course, but perhaps this capability is built-in into aMember already and I just didn't find it?

    I would like to redirect only users with an active subscription to their member content URL right after they log in.

    Tomas
  2. jazzedge

    jazzedge Member

    Joined:
    Aug 11, 2007
    Messages:
    54
    Not that I know of.

    I'd say, set a cookie if you want the user to choose or do a header redirect:

    header('Location: http://www.address.com/etc');

    put this on member.php

    Other thoughts anyone? I think I'll be adding this to my site soon as well.

    -w
  3. davidm1

    davidm1 aMember User & Partner

    Joined:
    May 16, 2006
    Messages:
    4,435
    Go to the product setup in amember. under Product URL, put in the URL you want to redirect to. eg. /content/

    You can also specify it redirect to a specific page from the form.
    In the form add:
    <input type="hidden" name="amember_redirect_url" value="/content/">


    David
  4. tomfra

    tomfra Member

    Joined:
    Dec 21, 2006
    Messages:
    199
    Thanks for the suggestions! I found on this page: http://manual.amember.com/Login/Membership_Info that if I use /amember/login.php instead of /amember/member.php that the user will be automatically redirected to the product URL set in Amember CP. It will do the trick for me ;)

    Tomas
  5. tomfra

    tomfra Member

    Joined:
    Dec 21, 2006
    Messages:
    199
    I am now having a similar problem for the /amember/profile.php form. When you hit the "Save Profile" button, it always takes you to /amember/member.php . Unfortunately, the amember_redirect_url hidden form field does not seem to be working for this form.

    I guess I will have to hack the redirect.html file a little bit...

    Tomas
  6. tomfra

    tomfra Member

    Joined:
    Dec 21, 2006
    Messages:
    199
    If anyone else has the same problem with the amember_redirect_url hidden form field not working, you can use the attached "hacked" redirect.html file and use it instead of the default one.

    No guarantees but it works for me. In its current form, the amember_redirect_url value has to be sent via POST method only but it can be easily changed - in the template you can use "$smarty.get.amember_redirect_url" or "$smarty.request.amember_redirect_url" instead of "$smarty.post.amember_redirect_url".

    Tomas
  7. runtowin

    runtowin New Member

    Joined:
    Jan 7, 2008
    Messages:
    8
    I used it as both post and get and it worked both ways for me...
  8. jazzedge

    jazzedge Member

    Joined:
    Aug 11, 2007
    Messages:
    54
    I wonder if using the GET method leaves you open to a 3rd party redirecting your script?

    Posing as your company and redirecting to their site?

    Or.. other redirect issues.
  9. tomfra

    tomfra Member

    Joined:
    Dec 21, 2006
    Messages:
    199
    It probably does but I don't see any real use for it. Actually, using GET anywhere is probably a bad idea unless you use some other security measures. In this case if you really do need to use the GET method for redirecting, it would be probably wise to limit the "redirect to" URL to web pages on your domain only with some code hacking.

    On the other hand, if you install CURL on some server, you can send POST requests quite easily as well so using POST is not that much more secure as some may think. Again, the code should be improved to provide better security - in this case checking the referrer URL would help. I'll improve the code if I find some time today.

    Tomas
  10. tomfra

    tomfra Member

    Joined:
    Dec 21, 2006
    Messages:
    199
    OK, I am not going to implement the security measures myself because that apparently involves messing with the smarty code which I know next to nothing about. It looks like it can not be done in pure PHP using the {php}...{/php} tags because I'd need to use some smarty-only variables within the pure PHP code which I simply don't know how to do.

    But it seems that it is impossible to use the redirect file unless the user is logged-in so the abuse possibility is somewhat limited. Hopefully someone with better experience with Smarty will be able to modify the code.

    Tomas

Share This Page