hankknight
asked on
PHP: Don't let POST data follow redirect
If a POST request is sent to my webpage, I want to redirect them to my error page.
I use this code:
Visitors get this error:
How can I redirect a user without giving them the option to re-post data?
I use this code:
header('Location: http://www.example.com/error/', true, 307);
Visitors get this error:
This web page is being redirected to a new location. Would you like to resend the form data you have typed to the new location?
I do NOT want any POST data to be submitted or re-submitted. I do not want to allow visitors to do that. How can I redirect a user without giving them the option to re-post data?
Can also try using this function instead:
//==== Redirect... Try PHP header redirect, then Java redirect, then try http redirect.:
function redirect($url){
if (!headers_sent()){ //If headers not sent yet... then do php redirect
header('Location: '.$url); exit;
}else{ //If headers are sent... do java redirect... if java disabled, do html redirect.
echo '<script type="text/javascript">';
echo 'window.location.href="'.$ url.'";';
echo '</script>';
echo '<noscript>';
echo '<meta http-equiv="refresh" content="0;url='.$url.'" />';
echo '</noscript>'; exit;
}
}//==== End -- Redirect
//==== Redirect... Try PHP header redirect, then Java redirect, then try http redirect.:
function redirect($url){
if (!headers_sent()){ //If headers not sent yet... then do php redirect
header('Location: '.$url); exit;
}else{ //If headers are sent... do java redirect... if java disabled, do html redirect.
echo '<script type="text/javascript">';
echo 'window.location.href="'.$
echo '</script>';
echo '<noscript>';
echo '<meta http-equiv="refresh" content="0;url='.$url.'" />';
echo '</noscript>'; exit;
}
}//==== End -- Redirect
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Actually he still has the problem of Location sends the current HTTP request (POST data and all) to the specified url, where as refresh creates a new HTTP.
Let me suggest a different strategy.
Instead of this:
If a POST request is sent to my webpage, I want to redirect them to my error page.
Try this:
If a POST request is sent to my webpage, I will use PHP include() to load the script for my error page. My error page will, of course, not care about the POST array.
Instead of this:
If a POST request is sent to my webpage, I want to redirect them to my error page.
Try this:
If a POST request is sent to my webpage, I will use PHP include() to load the script for my error page. My error page will, of course, not care about the POST array.
do just..
header("'Location: http://www.example.com/error/");
exit;
ignore above comment... there is some syntax issue... do just..
header("Location: http://www.example.com/error/");
exit;
no need to pass optional parameters.. that should work..
still has the problem of Location sends the current HTTP request (POST data and all) to the specified url, where as refresh creates a new HTTP.
Yep!
Yep!
Open in new window
Might work. Untested.
HTH