Dean ...
The convention in the ACS is to pass a "return_url" variable in the querystring. You can build it like this:
http://foo.com/bar?return_url=[ns_urlencode [ad_conn url]?[ad_conn query]]
then you return like this:
ad_page_contract {
return_url example
} {
return_url:notnull
}
... do lots of cool stuff ...
ad_returnredirect $return_url
In your case you probably want to use the form builder (despite its flaws - we hope to improve it in the upcoming months) in a template.
Doing it this way means the client page can simply include it
Also since you're talking about a form obviously you wouldn't pass a query string but rather would pass it as a hidden form variable. The above-mentioned form builder API allows the definition of hidden variables. If you e-mail me I can point you to some pages that use it ...
See acs-subsite/www/shared/confirm.tcl/adp for a templated confirmation page and session-update.tcl in the same directory.
The first is a template that allows a user to answer "yes/no", suitable for including from another template.
The second example's both easier and more complex. It just changes a session property and returns, but it signs and verifies the return_url value and makes sure that the connection referrer value matches the one passed along as one of the parameters. I used it in a project to set some semi-sensitive properties (backed up by permissions checking as the comment in that script suggest one do!) and wanted to lower the chances that someone might spoof the page.
