parameter back login (SOLVED)

[critellus]

hello

in the new version 1.6, by clicking on the login button on the home page you will enter into page:

http://www.site.com/login?back=my-account

how I can use the parameter 'back'?

greetings

Edited May 18, 2014 by critellus (see edit history)

[shacker]

i check and go to 

 

index.php?controller=authentication&back=my-account

[critellus]

how i can use this variable to go to another page?

[critellus]

anyone have a solution?

 

Thanks

[shacker]

from what page to what url?

[critellus]

I'm doing the tests locally and on-site www.sport4you-mi.it.
After login I have to go to page:

http://www.sport4you-mi.it/14-centro-schuster

or  in local:

http://localhost:8888/prestashop/14-centro-schuster
but I'm always redirected to the page 'my-account '

Thank you so much

Edited April 15, 2014 by critellus (see edit history)

[vekia]

I'm doing the tests locally and on-site www.sport4you-mi.it.

After login I have to go to page:

http://www.sport4you-mi.it/14-centro-schuster

or  in local:

http://localhost:8888/prestashop/14-centro-schuster

but I'm always redirected to the page 'my-account '

Thank you so much

 

do you changed back parameter in block user info module template file ?

[critellus]

no. it's new installation. this problem there is in 1.5 and 1.6 version. i don't have a solution.

[critellus]

anyone can help me?

[critellus]

I have this problem too during checkout. After logging in I'm ALWAYS redirected to my-account.
Please help me.

[vekia]

this is how prestashop works by default - after login you're redirected to my account page.

 

information about redirect after login you can find here

http://www.prestashop.com/forums/topic/266211-solved-redirect-to-last-page-after-login-15/

[critellus]

Ok,

 

i Just read this topic more times and i Just tried.

I have enabled to force rebuilding and clearing the cache, but I ALWAYS redirect to my-account page....

[critellus]

The problem in post http://www.prestasho...after-login-15/ resolve the HTTP_REFERER problem.

My problem is different!!

My version is 1.6 and Prestashop $back variable don't work.

 

Sorry but I can't understand where is the problem

 

 

Regards

[critellus]

in AuthController.php    processSubmitAccount():

 

                        if (($back = Tools::getValue('back')) && $back == Tools::secureReferrer($back))
                            Tools::redirect(html_entity_decode($back));
                        // redirection: if cart is not empty : redirection to the cart
                        if (count($this->context->cart->getProducts(true)) > 0)
                            Tools::redirect('index.php?controller=order&multi-shipping='.(int)Tools::getValue('multi-shipping'));
                        // else : redirection to the account
                        else
                            Tools::redirect('index.php?controller='.(($this->authRedirection !== false) ? urlencode($this->authRedirection) : 'my-account'));

 

 

if the variable 'back' is initialized, the login is redirected right?
why not work?

 

www.sport4you-mi.it   (green and black image with message 'Area Riservata')

By default after login prestashop redirect to the My Account page and the variable back I do not know how to use it.
In the site I have a category available only to registered users and would like visualize login if the user has not yet performed.
After login the user should be redirected to the category.

thanks

 

Regards

Edited April 19, 2014 by critellus (see edit history)

[critellus]

i find the problem.

 

In function processSubmitLogin() in AuthController.php

 

the control: if (($back = Tools::getValue('back')) && $back == Tools::secureReferrer($back))  don't work.

If I replace with:

 

$back = Tools::getValue('back');
 if (!empty($back))  .......................redirect to page ...

else redirect to my-account

 

work perfect... why?

 

regards

[critellus]

i debug it.

 

Tools::secureReferrer($back) are blank!!!

$back instead contains the correct value.

Why?

What is secureReffer()???

 

Regards

[shacker]

you are in ps 1.6.0.6?

[critellus]

yes...

[critellus]

no... i'm sorry 1.6.0.5

[critellus]

i've update to last version but the problem persists...

[critellus]

I solv the problem.

If SSL have a problem, the function secureReffer() return blank and then the parameter 'back' don't work.

[Sanjeev Naroliya]

Hello Critellus,

How did you solve the issue?

I am using the following code

if (!$this->context->customer->isLogged() && $this->php_self != 'authentication' && $this->php_self != 'password')

   {
        Tools::redirect('index.php?controller=authentication&back=enquiry');
   }

Its goes to login page, the login form also have "back" hidden field which have "enquiry" as value but its not redirecting it to "enquiry" page, its always redirecting to "my-account" page only.

Whats wrong there?

Any help will be highly appreciated.
 

[critellus]

I have deleted the pieces of code where it controls the value returned by secureReffer (this function check SSL url).

[Sanjeev Naroliya]

from which file? line number?

[Sanjeev Naroliya]

i workout that, we need to update this below line of code

 

if (($back = Tools::getValue('back')) && $back == Tools::secureReferrer($back))

 

to

 

if (($back = Tools::getValue('back')) )

 

in controllers\front AuthController.php

 

I know its not a good pratice to update core files, any one know how can we override core controller?

 

I am sure, we can overried core controller, just have not time to digg this out.

[critellus]

i don't know... if you can do it... please tell me about....

[typ3z3r0]

I just managed to fix this problem, in 1.6.0.7. In my case, the problem was that in my NGINX config file, I had the server_name set to "localhost", not my domain name. The secureReferrer() function in the Tools class uses getServerName() to get the domain name. getServerName() returns $_SERVER['HTTP_X_FORWARDED_SERVER'] if it is set, otherwise it returns $_SERVER['SERVER_NAME']. In my case, it was returning "localhost". Hopefully this helps out someone in the future.

[critellus]

Thank You for your reply.

 

Isn't my case.

In my case the variable 'back' contain 'http://www.site.it/........back=.....' and the function Tools::secureReferrer($back) return '/'

and the control  ' if (($back = Tools::getValue('back')) && $back == Tools::secureReferrer($back)) '     it's false.

where is the problem in your opinion?

 

I havn't SSL.

regards

[typ3z3r0]

That means that the regular expression in secureReferrer() for verifying the redirect URL is failing for some reason, so __PS_BASE_URI__ (/ in your case) is being returned instead of the redirect URL.

public static function secureReferrer($referrer)
{
 if (preg_match('/^http[s]?:\/\/'.Tools::getServerName().'(:'._PS_SSL_PORT_.')?\/.*$/Ui', $referrer))
  return $referrer;
 return __PS_BASE_URI__;
}

I know what your problem might be. Your site uses "www.". The regular expression will not account for this, so your server_name has to be set to www.site.it (not site.it), or the regular expression can be changed to the following to account for www. too in case your server_name does not include it:
 

'/^http[s]?:\/\/(www.)'.Tools::getServerName().'(:'._PS_SSL_PORT_.')?\/.*$/Ui'

Ensure your server_name is www.site.it using the following:
 

<?php echo $_SERVER['SERVER_NAME']; ?>

Edited June 19, 2014 by typ3z3r0 (see edit history)

[critellus]

i sent to you a private message.

 

Regards

[typ3z3r0]

I managed to help critellus with his problem. He had set the URL for his login link to the following in order to have customers redirected to the home page upon logging in.

http://site.com/login?back=http://site.com

The problem was that he did not have a trailing slash on the URL set for the back variable. The regular expression used by Tools::secureReferrer() does not account for missing trailing slashes, as can be seen below:

/**
* Secure an URL referrer
*
* @param string $referrer URL referrer
* @return string secured referrer
*/
public static function secureReferrer($referrer)
{
 if (preg_match('/^http[s]?:\/\/'.Tools::getServerName().'(:'._PS_SSL_PORT_.')?\/.*$/Ui', $referrer))
  return $referrer;
 return __PS_BASE_URI__;
}

Using the following instead rectified the problem (note, a trailing slash will obviously not be needed if you're redirecting to a URL ending in a file extension, such as "index.php"):

http://site.com/login?back=http://site.com/

[critellus]

Thank You VERY MUCH!

[gnanet]

Edit: OOPS I MISSED THE LAST SOME POSTS SOMEHOW.

As i read the function secureReferrer($referrer) it tries to match the $referrer - in our case the value of $back - to a complete URL of the shop:

 

preg_match('/^http?:\/\/'.Tools::getServerName().'(:'._PS_SSL_PORT_.')?\/.*$/Ui', $referrer)

 

 

In my case a direct link to the referralprogram module in my-account creates a back=/module/referralprogram/program which will never match

Edited July 1, 2014 by gnanet (see edit history)

[ovidiubica]

I just managed to fix this problem, in 1.6.0.7. In my case, the problem was that in my NGINX config file, I had the server_name set to "localhost", not my domain name. The secureReferrer() function in the Tools class uses getServerName() to get the domain name. getServerName() returns $_SERVER['HTTP_X_FORWARDED_SERVER'] if it is set, otherwise it returns $_SERVER['SERVER_NAME']. In my case, it was returning "localhost". Hopefully this helps out someone in the future.

 

 

I can confirm this on Nginx, I had both: domain.com  and www.domain.com in Nginx config in this exact order while the shop is set to www.domain.com

 

Changing the domain order to www.domain.com domain.com solved my problem on latest 1.6 version.