Not a good idea. You have just sent, in plain text for the world to see, the url of where people get to once they passed the user id / password validation. Remember that everything your web server sends to the client's browser is completely visible to that person - check out the "view source" option.