Usually you would just redirect to MemberPage.php and then save the username in the session from the authentication server behavior directly. That way you wouldn't have to pass it in the url where it could be changed but could display or use it anywhere on pages after.