PHP: Don't let POST data follow redirect
If a POST request is sent to my webpage, I want to redirect them to my error page.
I use this code:
Visitors get this error:
How can I redirect a user without giving them the option to re-post data?
I use this code:
header('Location: http://www.example.com/error/', true, 307);Visitors get this error:
This web page is being redirected to a new location. Would you like to resend the form data you have typed to the new location?
I do NOT want any POST data to be submitted or re-submitted. I do not want to allow visitors to do that. How can I redirect a user without giving them the option to re-post data?
Can also try using this function instead:
//==== Redirect... Try PHP header redirect, then Java redirect, then try http redirect.:
function redirect($url){
if (!headers_sent()){ //If headers not sent yet... then do php redirect
header('Location: '.$url); exit;
}else{ //If headers are sent... do java redirect... if java disabled, do html redirect.
echo '<script type="text/javascript">';
echo 'window.location.href="'.$
echo '</script>';
echo '<noscript>';
echo '<meta http-equiv="refresh" content="0;url='.$url.'" />';
echo '</noscript>'; exit;
}
}//==== End -- Redirect
//==== Redirect... Try PHP header redirect, then Java redirect, then try http redirect.:
function redirect($url){
if (!headers_sent()){ //If headers not sent yet... then do php redirect
header('Location: '.$url); exit;
}else{ //If headers are sent... do java redirect... if java disabled, do html redirect.
echo '<script type="text/javascript">';
echo 'window.location.href="'.$
echo '</script>';
echo '<noscript>';
echo '<meta http-equiv="refresh" content="0;url='.$url.'" />';
echo '</noscript>'; exit;
}
}//==== End -- Redirect
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Actually he still has the problem of Location sends the current HTTP request (POST data and all) to the specified url, where as refresh creates a new HTTP.
Let me suggest a different strategy.
Instead of this:
If a POST request is sent to my webpage, I want to redirect them to my error page.
Try this:
If a POST request is sent to my webpage, I will use PHP include() to load the script for my error page. My error page will, of course, not care about the POST array.
Instead of this:
If a POST request is sent to my webpage, I want to redirect them to my error page.
Try this:
If a POST request is sent to my webpage, I will use PHP include() to load the script for my error page. My error page will, of course, not care about the POST array.
do just..
header("'Location: http://www.example.com/error/");
exit;
ignore above comment... there is some syntax issue... do just..
header("Location: http://www.example.com/error/");
exit;
still has the problem of Location sends the current HTTP request (POST data and all) to the specified url, where as refresh creates a new HTTP.
Yep!
Yep!
Open in new window
Might work. Untested.
HTH