Hi,
I have the same problem. First, I tried
PHP Code:
$this->_redirect($_SERVER['HTTP_REFERER']);
PHP Code:
$this->_redirect($this->getRequest()->getServer('HTTP_REFERER'));
PHP Code:
$this->_redirect($this->getRequest()->getServer('HTTP_REFERER', false));
They didn't work properly after successful login, and asked robinsk & necrogami from #zftalk. Here are what they advised me:
Quote:
<robinsk> that way people could link to your login page, then get redirected to a malicious page on successful login
<robinsk> i find it's better to store "current uri" or "current module, contoller and action" on pages that requires a login, then store this information in session, and redirect to this on successful login
<necrogami> or put the Current Module, Controller and Action into hidden variables in the login form
<necrogami> then recall them after login and redirect 
<robinsk> that's also a possible approach, although it might be altered by a user
|
Currently, I have not followed what they told me, but I will follow as soon as I get up. I'm really sure this will work.
And it's 01:24, and need to get rest ^.^
(hope you will share your experience if you try this)