1

I'm developing a custom content management script, and I'm working on page redirection.

The code below compares the URL code to the URL for the a certain page ID in the database, and if the two URLs are not the same, the user is redirected.

However, I want to add a variable, so that we can check if the page has been redirected or not. It isn't working.

if (isset ( $_GET ['id'] ) && $rawdata) {
        if ($_SERVER ["REQUEST_URI"] != $rawdata ['htmltitle']) {
            header ( "HTTP/1.1 301 Moved Permanently" );
            header ( "Location: http://${_SERVER['SERVER_NAME']}:${_SERVER["SERVER_PORT"]}${rawdata['htmltitle']}" );
            $redirected = true;
            ;
        }
    }

if ($redirected == true) {
            print_redirect_nonexpected ();
        }

function print_redirect_nonexpected (){
echo "<!-- REDIRECTED _ NOT _ EXPECTED ? -->";
}

The function isn't being run, so no echoing. Any ideas what I'm doing wrong here?

Improve this question

3 Answers 3

Reset to default
1

Use this:

header ( "Location: http://".$_SERVER['SERVER_NAME'].$_SERVER['SERVER_PORT'].$rawdata['htmltitle']);

If $rawdata['htmltitle'] is full URL of your page, use this:

header ( "Location: http://".$rawdata['htmltitle']);

And also adding die() after header() is good.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

When you send a Location: header, the user-agent stops loading the current page and loads whatever page you tell it to load, so you'll never see the output.

However, your code may* continue to execute in the background, so usually you want to follow your header() with an exit; to prevent unwanted behavior.

* Depends on server configuration and on ignore_user_abort.

Also, header("Location: /{$rawdata['htmltitle']}"); will suffice. Since you are redirecting to the same server, an absolute path suffices. Don't overcomplicate your redirects for nothing with $_SERVER variables.

Improve this answer

4 Comments

So how would I deal with this situation?
@Shamil: Either pass state information with a GET variable within your redirect URL or use a $_SESSION variable.
@Shamil: How is it failing? Instead of redirecting, output the URL you would normally pass to the browser... Also, header("Location: /${rawdata['htmltitle']}"); will suffice. Since you are redirecting to the same server, and absolute path suffices.
The url (htmltitle) could be: page.24, however it's correct url is page.1. The system uses the number to correctly identify the page url.
-1

As soon as the Location header is sent the browser will abort the current operation and fetch the page at the redirected location. This means that for all intents and purposes a location ('header: example.com') will have essentially the same effect as a die (). You can override this behaviour by using output buffering, or you can move the header() calls to lower down in your script. However you can't move them to after the print_redirect_unexpected call, as sending any output to the browser will cause all headers to be sent as well and you won't be able to send any more.

So basically, you need to turn on output buffering.

Improve this answer

3 Comments

-1: header('Location: ') does not kill the active script. It does however prevent you from seeing the output of the script. An important nuance when trying to prevent an unauthorized user from making an unwanted DELETE.
I did say "essentially". While it's true the script keeps running you'll never see the output from it so the effects are pretty much the same as a die() unless your script is causing filesystem/database changes.
That's a pretty important unless.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.