PHP Redirection question

Let's say my page makes an ajax call whose url is some other php script page (let's say process.php).

While inside process.php, I am trying to redirect to the login page, and it just won't work. I checked the Network window of Netbeans, and I see the redirection in the network stream to my login.php, but my browser page isn't changing; instead, the ajax()'s .fail() handler is getting invoked and is passed a "200 OK" . This is so bizarre, the .fail() handler is receiving the 200 OK message, but that's not supposed to be a failure because 200 means successful.

So my question is, does PHP allow redirection from a PHP script file in this context?
elepilAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

RobOwner (Aidellio)Commented:
No it won't. Ajax requests cannot redirect the page based on the headers received from your php page.
0
RobOwner (Aidellio)Commented:
What you need to do is rethink your strategy about what you're trying to do.  If you need to be logged in to perform that action then have javascript redirect to the login page via the window.location property.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
elepilAuthor Commented:
Rob, thanks for responding!

Bear with me, but is it possible to give me a brief explanation of why a PHP script in this context will not redirect? I'm just trying to understand.

Thanks :)
0
HTML5 and CSS3 Fundamentals

Build a website from the ground up by first learning the fundamentals of HTML5 and CSS3, the two popular programming languages used to present content online. HTML deals with fonts, colors, graphics, and hyperlinks, while CSS describes how HTML elements are to be displayed.

RobOwner (Aidellio)Commented:
To keep it simple it is because it is JavaScript (not the browser's engine) doing the request and receiving the response.    Firstly the response is a 200 because the communication between the client and server was all ok.  When the browser gets the header to redirect, it redirects to the given address.  When JavaScript gets that header, it's essentially ignored, if you choose to do something with it then so be it but it's giving you the flexibility to choose what you want to do.
0
RobOwner (Aidellio)Commented:
The issue here is it appears that you shouldn't be trying to redirect to the login page from the process.php page.  I try to have separate php pages for ajax requests compared to the actual pages you navigate to.  That would mean that my ajax php pages would never redirect and only send and receive information (usually in JSON).
0
elepilAuthor Commented:
Rob,

My plan was to redirect from process.php to the login page only when I detect a security breach with messages so as to confuse a hacker.

You said in your previous post:
When JavaScript gets that header, it's essentially ignored, if you choose to do something with it then so be it but it's giving you the flexibility to choose what you want to do.

Okay, I'd be the first to admit I'm ignorant on this. My PHP redirect deals with the header, i.e., header("Location: someURL"). I also thought headers were handled by browsers, not JavaScript. What's confusing me in this case is why the browser would reject my redirection, and what does JavaScript have to do with this?

Anyway, I'm giving you the points, and if you're too busy to explain, I would understand.

Thanks for your help.
0
RobOwner (Aidellio)Commented:
thanks for the points :)

The header is really only a request to whoever's receiving it that you should redirect to the given url.  It doesn't force it to happen, the browser complies with this request because it complies with the standards governing browsers (or we wouldn't use them)

Essentially the browser isn't involved, it facilitates the connection between the JavaScript and the server but isn't involved any further than that.  Different story if the browser was pointed to your "process.php" and it was sent a redirect header.  Sorry it's hard to explain but essentially JavaScript isn't a browser.  It can control the browser to a certain extent in which it's running but it doesn't parse html and display it nor acknowledge html headers.
0
elepilAuthor Commented:
I thought I was going through some unique bug happening only in my system. I am glad you confirmed to me that it really won't work this way.

Thanks for help, and your efforts are appreciated as usual. :)
0
RobOwner (Aidellio)Commented:
Not a problem and my pleasure.
0
Dave BaldwinFixer of ProblemsCommented:
AJAX is based on XMLHttpRequest which is a javascript function and not a browser navigation function.  This page from Mozilla Developer Network has a lot of detail about it:  https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest
0
elepilAuthor Commented:
Dave, thanks for responding.

I always saw redirection as something that overrides everything, that is, until now. It's like you running a desktop application and Windows Update force restarts your computer, or a running Unix/Linux application's process that was killed by the administrator. In fact, I believe window.location works that way where it could abort and redirect you to wherever you want anytime, regardless of what is going on at the time. I'm just surprised redirecting from PHP does not have the same effect.

Because that was what I was trying to do. At the detection of a security breach, I wanted to kick the application back to a login page, regardless of what was happening at the time. Clearly I have to use a different strategy.
0
Dave BaldwinFixer of ProblemsCommented:
"window.location" is written to do that while AJAX / "XMLHttpRequest is not."  If it were my pages, I would just quit on detecting a security breach.  If I were to send them somewhere, it would be an error page (which I actually do on one site) or to Google.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.