8

I want to be able to redirect to another controller but when user logins in with google and is success full it gets redirected to there usercp but for some reason it gets the # from the end of here

http://www.example.com/test/google?code=4/sorrynocodeshown#

And when redirects using codeigniter redirect() it adds # to it.

http://www.example.com/usercp#

Question When redirecting to new page once successful login how to stop # from being added.

I use https://github.com/moemoe89/google-login-ci3

I also use vhost with xammp

Controller function

public function google() {

    if ($this->input->get('code')) { 

    $googleplus_auth = $this->googleplus->getAuthenticate();

    $googleplus_info = $this->googleplus->getUserInfo();

    $google_data = array(
        'google_id' => $googleplus_info['id'],
        'google_name' => $googleplus_info['name'],
        'google_link' => $googleplus_info['link'],
        'image' => $googleplus_info['picture'],
        'email' => $googleplus_info['email'],
        'firstname' => $googleplus_info['given_name'],
        'lastname' => $googleplus_info['family_name']
    );

    $login_google_userid = $this->login_model->login_with_google($googleplus_info['id'], $google_data);

    $_SESSION['user_id'] = $login_google_userid;

    redirect('usercp');

   }

}

config/googleplus.php settings

<?php

defined('BASEPATH') OR exit('No direct script access allowed');

$config['googleplus']['application_name'] 'Somename';
$config['googleplus']['client_id']        = '*****';
$config['googleplus']['client_secret']    = '*****';
$config['googleplus']['redirect_uri']     = 'http://www.mysetname.com/account/login/google';
$config['googleplus']['api_key']          = '*****';
$config['googleplus']['scopes']           = array();

enter image description here

I am using HMVC with codeigniter

application/modules/account/controllers/Login.php

Full Controller

<?php

class Login extends MX_Controller {

    private $error = array();

    public function __construct() {
        parent::__construct();
        $this->load->library('form_validation');
        $this->load->library('googleplus');
    }

    public function index() {


        if ($this->login_model->is_logged_in()) {
            $this->session->set_flashdata('success', 'Welcome back! If you wish to logout ' . anchor('account/logout', 'Click Here'));
            redirect(base_url('usercp'));
        }

        if (($this->input->server("REQUEST_METHOD") == 'POST') && $this->validateForm()) {
            $this->load->model('account/login_model');

            $user_info = $this->login_model->get_user($this->input->post('username'));

            if ($user_info) {

                $_SESSION['user_id'] = $user_info['user_id'];

                redirect(base_url('usercp'));
            }
        }

        $data['login_url'] = $this->googleplus->loginURL();

        if (isset($this->error['warning'])) {
            $data['error_warning'] = $this->error['warning'];
        } else {
            $data['error_warning'] = '';
        }

        if (isset($this->error['username'])) {
            $data['error_username'] = $this->error['username'];
        } else {
            $data['error_username'] = '';
        }

        if (isset($this->error['password'])) {
            $data['error_password'] = $this->error['password'];
        } else {
            $data['error_password'] = '';
        }

        // Common
        $data['header'] = Modules::run('common/header/index');
        $data['navbar'] = Modules::run('common/navbar/index');
        $data['footer'] = Modules::run('common/footer/index');

        $this->load->view('login', $data);
    }

    public function validateForm() {
        $this->form_validation->set_rules('username', 'username', 'required');
        $this->form_validation->set_rules('password', 'password', 'required');

        if ($this->form_validation->run() == FALSE) {

            $this->error['username'] = form_error('username', '<div class="text-danger">', '</div>');

            $this->error['password'] = form_error('password', '<div class="text-danger">', '</div>');
        }

        if ($this->input->post('username') && $this->input->post('password')) {

            $this->load->model('account/login_model');

            if (!$this->login_model->verify_password($this->input->post('username'), $this->input->post('password'))) {
                $this->error['warning'] = 'Incorrect login credentials';
            }

        }

        return !$this->error;
    }

    public function google() {

        if ($this->input->get('code')) {

        $googleplus_auth = $this->googleplus->getAuthenticate();

        $googleplus_info = $this->googleplus->getUserInfo();

        $google_data = array(
            'google_id' => $googleplus_info['id'],
            'google_name' => $googleplus_info['name'],
            'google_link' => $googleplus_info['link'],
            'image' => $googleplus_info['picture'],
            'email' => $googleplus_info['email'],
            'firstname' => $googleplus_info['given_name'],
            'lastname' => $googleplus_info['family_name']
        );

        $login_google_userid = $this->login_model->login_with_google($googleplus_info['id'], $google_data);

        $_SESSION['user_id'] = $login_google_userid;

        redirect('usercp');

    }

    }
}
Mr. ED
  • 11,163
  • 10
  • 51
  • 114

3 Answers3

2

When calling the redirect, you should be able to drop the hash by using the refresh param:

redirect('usercp', 'refresh');

You can modifying the url by doing something like

$url = strstr($url, '#', true);

But otherwise since it's a client-side stuff there's not a lot of options. You could also remove it from javascript when the client load the page with 

history.pushState('', document.title, window.location.pathname + window.location.search)
Balthazar
  • 33,765
  • 10
  • 77
  • 104
2

Codeigniter's redirect() function uses the php header() function in 2 ways:

    switch ($method)
    {
        case 'refresh':
            header('Refresh:0;url='.$uri);
            break;
        default:
            header('Location: '.$uri, TRUE, $code);
            break;
    }

using the refresh parameter will not add the hashtag. You find more about this in system/helpers/url_helper.php

you can use this to your advantage in google_login.php changing

$redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));

accordingly to 

$redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
header('Refresh:0;url=' . filter_var($redirect, FILTER_SANITIZE_URL));
Vickel
  • 6,356
  • 6
  • 30
  • 49
  • check in system/helpers/url_helper the function redirect: it's either 302, 303 or 307 – Vickel May 30 '17 at 11:42
  • Still gets the hashtag from google url and adds it to the redirect – Mr. ED May 31 '17 at 05:10
  • I cannot reproduce the error, I've setup a google auth login with your libraries/files, but changed the following: I created a controller `G_login.php`. Inside this controller's index function I have put the code of your current function `google`. Obviously I changed the redirect URI from `http://example.com/account/login/google` to `http://example.com/g_login`. Also, for testing purposes, I disabled the `$this->login_model` and `$_SESSION['user_id']` part. Now it works fine, no hashtag – Vickel May 31 '17 at 23:29
1

since this is too long in the comment section, here goes:

try to use your browser's debug mode/developer tools, and see the network part of it. in there, you could see the sequence of requests when your page are loading.

if you are using chrome, thick the preserve log option before doing the oauth.

do the oauth and then try to find the request to google that redirects to your page.

click on the request, you will get the details of the request.

see for the response header, it should be 302 status and the destination should be your http://www.example.com/usercp url.

if you did not see the #, then you have problems in your part, try to check your .htaccess file.

if it's there in the destination, then the problem lies in google part, and not much you can do about it

am05mhz
  • 2,214
  • 20
  • 32