Hi Perch,
Since it's possible for users to disable HTTP_REFERER in their browsers, I always prefer to explicitly set return URLs with query strings or form data. You can use thisPageUrl() to get a link to the current page. In a link (for example, the ones in examples/sc-cart-add.php), you can do this:
<a href="<?php echo $addLink ?>&returnUrl=<?php echo htmlencode(urlencode(thisPageUrl())) ?>">Add to cart</a>
...or, in a form (also from the same page):
<input type="hidden" name="returnUrl" value="<?php echo htmlencode(thisPageUrl()) ?>">
Then, you'll need to process that and store it. In general, cookies are more reliable than sessions (due to various server configurations), so I'd suggest using them. Note that both the links and the forms on sc-cart-add.php both submit to sc-cart-add.php, which then redirects to sc-cart.php: be careful that you're not trying to capture the returnUrl after the browser has already been redirected and the query string has been lost. We'll need to capture the returnUrl before that redirect happens, so add this to the (very) top the target page (e.g. sc-cart-add.php):
// record returnUrl, if provided
if (@$_REQUEST['returnUrl']) {
setcookie('returnUrl', $_REQUEST['returnUrl'], strtotime('+10 years'), '/');
}
Now you can use the cookie's value as the target URL on your cart pages (e.g. sc-cart.php). Note that I'm defaulting the URL to / with coalesce() below:
<?php $returnUrl = coalesce(@$_COOKIE['returnUrl'], '/') ?>
<a href="<?php echo htmlencode($returnUrl) ?>">Back to <?php echo htmlencode($returnUrl) ?></a>
You can test this by adding a junk query string to your page with the add link/form (e.g. sc-cart-add.php?hello), then making sure that the resulting link goes back to your unique url (e.g. ?hello).
Hope this helps! Please let me know if you have any questions.
All the best,
Chris