Posted by Robert Oschler on 11/15/13 11:22

"Andy Hassall" <andy@andyh.co.uk> wrote in message
news:p5hae1lg7ojb2l43n03orj2uacmcgfghav@4ax.com...
> On Sun, 24 Jul 2005 17:16:15 -0400, "Robert Oschler"
> <no-mail-please@nospam.com> wrote:
>
> I do a similar thing for GET requests on an intranet at work, except I
pass
> the "return URL" to the authentication page - I've chickened out of POST
> requests as it's reasonably safe to assume that nobody will be POSTing in
from
> an unauthenticated area into the authenticated area (at the moment
anyway), and
> the POST data may be too long to encode in a GET request.
>
> You don't have that problem as you say you're storing it in a database -
> that's a decent idea. Could also presumably do that in a session variable
> reasonably safely as well.
>
> If it's a GET request, then you can just reconstruct the URL and
> header("Location: $absolute_url") to it. Main thing to watch out for is
array
> parameters (i.e. value[]=x;value[]=y or value[1]=x;value[3]=y) etc.
>
> What sort of format are you using to store the data in the DB? Do you
> basically end up with a copy of the full (possibly multi-dimensional)
$_GET
> array as it was before you went into the authentication section?
>
> If it's POST then you can't redirect into it, but you can reproduce all
the
> form data using input type="hidden", fields and present a submit button to
post
> back to the correct location.
>
> --
> Andy Hassall / <andy@andyh.co.uk> / <http://www.andyh.co.uk>
> <http://www.andyhsoftware.co.uk/space> Space: disk usage analysis tool

Andy,

You basically answered my question when you told me that you can't redirect
a POST. I'll have to modify my POST target scripts to look for a URL
argument that tells them to pull the POST data from the database instead of
the $_POST array. Not too hard.

Thanks.

[Back to original message]