Return to previous page after login

Oi!

I have wanted a returntosamepageafterlogin-feature on my site for a long time. But whats the best way?

I was thinking about saving the url into a sessio开发者_运维问答n and when he/she logins, i check if the returnto-session if set, if it is, i redirect to that page

Is that safe/good?

---

This is usually done by putting the URL for the previous page in the querystring of the login page.

EDIT: Make sure to validate that the URL is a relative path, and to correctly encode it.

---

Every page at the top (after proper initialization of the session & configurations, whatever preliminary & important you require), you need to fire one function (for example, "checkLogin()") to check & see whether the visiting user has got its session / cookie / permission (for that page) set, according to some specific conditions.
To check what all permissions are required for each specific page, you can pass some parameters regarding these permissions to the function definition, and authenticate the user as suitable.

If the condition(s) are set, you can redirect the user as an authenticated one to his requested page, otherwise just redirect him to your site's login page (with his requested page mentioned either in the query string or saved in a session variable). Now after proper login & setting of specific permissions for authentication, you can easily use the query string's value of requested page to redirect him to his destination.

Hope it helps.