weikelbob
asked on
how to user header("Location... with dynamic URLs
What's wrong with this line?:
header("Location:https://www.paypal.com/cgi-bin/webscr?cmd=$_POST['cmd']&r edirect_cm d=$_POST[' redirect_c md']&busin ess=$_POST ['business ']
&upload=$_POST['upload']&i tem_name_1 =$item1&qu antity_1=$ _POST['qua ntity_1']& amount_1=$ _POST['amo unt_1']");
header("Location:https://www.paypal.com/cgi-bin/webscr?cmd=$_POST['cmd']&r
&upload=$_POST['upload']&i
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Both !
And there is another way.. you can surround the variables in {} as in:
...cmd={$_POST['cmd']}&...
And there is another way.. you can surround the variables in {} as in:
...cmd={$_POST['cmd']}&...
ASKER
Thanks guys, I'll leave this open a little longer
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Ah yes, sorry about that. Or like this:
header("Location: $url");
(You don't need to separate variables when you're using double quotes.)
header("Location: $url");
(You don't need to separate variables when you're using double quotes.)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Another thing you have to note is if $_POST['redirect_cmd'] will be somthing like "text with spaces" then this header will cause an error. So you have to validate all data in according to url's conditions.
If you're using PHP 5 or above then you can use http_build_query(); If not you have to create your own function. Anyway you can create a PHPVersion-Independant function to do this:
<?php
function prepareUrl($dataArray)
{
// If our server is PHP 5 and higher, then
// http_build_query() function must exist
// and we can use it.
// $dataArray must be an array.
if (is_array($dataArray) && function_exists("http_buil d_query")) {
return http_build_query($dataArra y);
}
// If http_build_query() is not exist, and
// $dataArray is array, then do urlencode
// dor all values of $dataArray
elseif (is_array($dataArray)) {
$parsed = array();
foreach ($dataArray as $k => $v) {
$parsed[] = $k . "=" . urlencode($v);
}
return implode("&", $parsed);
}
else {
trigger_error("First param of prepareUrl must be an array.", E_USER_WARNING);
return null;
}
}
$url_data = array(
"cmd" => $_POST['cmd'],
"redirect_cmd" => $_POST['redirect_cmd'],
"business" => $_POST['business'],
"upload" => $_POST['upload'],
"item_name_1" => $item1,
"quantity_1" => $_POST['quantity_1'],
"amount_1" => $_POST['amount_1']
);
$url_query = prepareUrl($url_data);
header("Location: https://www.paypal.com/cgi-bin/webscr?{$url_query}");
exit();
?>
If you're using PHP 5 or above then you can use http_build_query(); If not you have to create your own function. Anyway you can create a PHPVersion-Independant function to do this:
<?php
function prepareUrl($dataArray)
{
// If our server is PHP 5 and higher, then
// http_build_query() function must exist
// and we can use it.
// $dataArray must be an array.
if (is_array($dataArray) && function_exists("http_buil
return http_build_query($dataArra
}
// If http_build_query() is not exist, and
// $dataArray is array, then do urlencode
// dor all values of $dataArray
elseif (is_array($dataArray)) {
$parsed = array();
foreach ($dataArray as $k => $v) {
$parsed[] = $k . "=" . urlencode($v);
}
return implode("&", $parsed);
}
else {
trigger_error("First param of prepareUrl must be an array.", E_USER_WARNING);
return null;
}
}
$url_data = array(
"cmd" => $_POST['cmd'],
"redirect_cmd" => $_POST['redirect_cmd'],
"business" => $_POST['business'],
"upload" => $_POST['upload'],
"item_name_1" => $item1,
"quantity_1" => $_POST['quantity_1'],
"amount_1" => $_POST['amount_1']
);
$url_query = prepareUrl($url_data);
header("Location: https://www.paypal.com/cgi-bin/webscr?{$url_query}");
exit();
?>
Why not just use urlencode()?
// URL stored in variable $url
header('Location: ' . urlencode($url));
// URL stored in variable $url
header('Location: ' . urlencode($url));
<?php
$url = "https://www.paypal.com/cgi-bin/webscr?cmd=test&var2=a lot of text&var3=with\'special chars";
var_dump(urlencode($url));
?>
That's why...
$url = "https://www.paypal.com/cgi-bin/webscr?cmd=test&var2=a lot of text&var3=with\'special chars";
var_dump(urlencode($url));
?>
That's why...
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
KennyTM, I've wrote about it. But he cannot use http_build_query() on $_POST, because:
1. _POST can conatin data that has not to be inserted in query
2. He need not to put only some _POST values, but $item1
Also his server may not have PHP 5, but PHP4. That's why I've suggested a function.
1. _POST can conatin data that has not to be inserted in query
2. He need not to put only some _POST values, but $item1
Also his server may not have PHP 5, but PHP4. That's why I've suggested a function.
ASKER
I got it. I learned a lot from all of your posts. Thanks you guys,
Bob
Bob
ASKER
Which of the two ways above is correct?