I want my index.php to redirect to my welcome/index.html. I know there are so many ways to do it but I want to shorten it just like Facebook does. I want a url based redirection. I want to redirect index.php to welcome/index.html by using url.
For example:
example.com to example.com/?url=welcome
//this 'url=welcome' is the index.html of my welcome folder.
Here's the code, according to what I've understood. Place it on the very top of index.php. I'm assuming you're using the domain example.com
<?php
$destination = $_GET["url"];
switch($destination) {
case "welcome": // add your destinations here, one per single "case"
case "about":
case "anotherpage":
header("Location: /" . $destination . "/index.html");
break;
default:
echo "Error";
break;
}
?>
Doing this way you can manage which redirects will work and what not, avoinding "evil" usages of your redirect system.
Something malicious like example.com?url=http://evilsite.com will not redirect them to evilsite.com
This is probably not the best solution, but it's a good starting point to avoid not wanted redirections.
somewhere i read using header for redirection is little bit dangerous as header can b changed easily by hacker and hacker can send victim to another location easily. so i use javascript location.href function for redirection.
<?php
echo "<script>window.location ='http://example.com/welcome/index.html</script>";
?>
if you want to send user to dynamic url from example.com you can set a get variable like.
source address: http//example.com?url=http://example.com/welcome.html
destination address: http://example.com/welcome.html
<?php
if(isset($_GET['url']))
echo "<script>window.location ='$_GET[url]'</script>";
else
echo "<script>window.location='http://somewhereelse.com'";
?>
now u can dynamically set url variable in your source address and redirect user wherever you want to
Not really sure if this would help, but you're welcome to try
<?php
if (isset($_GET["url"])) {
$url = $_GET['url'];
header('Location:'.$url);
}
?>
I haven't tried this, but this is what I thought after seeing your post
Related
I have a page index.php, I want to append a parameter to the end of URL upon a certain action by user. So the result would be index.php?param=1
Using the below PHP code causing an infinite redirect loop.
<?php
header("Location: index.php?param=1");
?>
Using the below Javascript code result in infinite refresh loop.
window.location = "?param=1";
How can I append that parameter only once without encountering any loop using either PHP, Javascript or jQuery?
For the PHP version, try:
<?php
if( !isset( $_GET['param'] ) ){
header('location: index.php?param=1' );
}
?>
Please try add host name and then try.
Example - If you are using localhost.
<?php
header("Location: http://localhost/index.php?param=1");
?>
Apart from using Apache's mod_rewrite, you could check if the additional parameter is already set, e.g.
<?php
if (isset($_SERVER['QUERY_STRING']))
header("Location: index.php?param=1");
?>
It is better to use .htaccess files to set redirects due to there is the good practice to store logic and server configuration separately.
Here is .htaccess code for you:
Redirect /path/to/index.php http://yourdomain.com/path/to/index.php?param=1
or if you need to have permanent redirect use
Redirect 301 /path/to/index.php http://yourdomain.com/path/to/index.php?param=1
If you do not use Apache but Nginx or something else check their documentation how to make redirects. Typically it is very easy.
I am trying to have page1.php redirect to page2.php after 5 seconds. However page2.php needs to be a restricted page that can only be viewed if you are being sent from --> mydomain.com/page1.php and can not be accessible if you type the address manually into the address bar.
I have tried methods that use shared keys, htaccess and php HTTP_REFERRER.
I believe the issue is coming from the redirection, and I believe it is because the redirect script is not sending the HTTP_REFERRER and therefore page2.php is looking at the url sent from the redirection script as being manually entered. I have tried with a simple php redirect and javascript. Below are the two different redirect scripts I have used.
php version.
header( "refresh:5;url=page2.php" );
Javascript version.
<script type="text/javascript">
function Redirect()
{
window.location="page2.php";
}
setTimeout('Redirect()', 5000);
</script>
I have tried these with the full url and with/without http:// for example mydomain.com/page2.php.
Page2.php needs to only accept traffic from page1.php. I have no objection as to how to go about achieving this. Using shared keys or any other aspect just as long as the user can not enter the address manually and visit the page. I am also fully aware the Referrer can be spoofed however I do not have the expertise to get to advanced.
You can use session data to make sure users of page2 have passed through page 1
With the way sessions work,The encrypted string is quite secure even if it is not encrypted at all.
on page1:
session_start();
$_SESSION['secret_key'] = 'encrypted_string';
on page2:
session_start();
if($_SESSION['secret_key'] == 'encrypted_string'){
// user is authorized
echo 'You are authorized to see this page';
}
else{
echo 'Please visit page1 before accessing this page';
}
// Logic for authorized user
Or, shorter version for page2 :
if(empty($_SESSION['secret_key']) || $_SESSION['secret_key'] != 'encrypted_string'){
die('You are not authorized to view this page.');
}
echo 'only authorized user will see from here forward';
BTW, when testing, remember that once your session is set, you will have to delete sessions in browser, or use incognito to test again.
To delete cache on chrome ctrl+shift+delete and choose cookies and other
Here's how I would do it, using 3 pages.
On the landing page, include your JavaScript, this will redirect you to an intermediate page that sets a session variable before redirecting to the final page.
On the final page, check the session variable, determine whether or not to display the page, then unset the session variable (so if they try again without returning to the first page, it will no longer work).
p1.php
<?php session_start(); ?>
<script type="text/javascript">
function Redirect()
{
window.location="p12.php";
}
setTimeout('Redirect()', 5000);
</script>
p12.php
<?php session_start();
$_SESSION['secret'] = 'todays_password';
$newURL = 'p2.php';
header('Location: '.$newURL);
?>
<script type="text/javascript">
function Redirect()
{
window.location="p2.php";
}
Redirect();
</script>
p2.php
<?php session_start();
if (isset($_SESSION['secret']))
{
if ($_SESSION['secret'] == 'todays_password')
{
//The user provided the correct secret session variable
echo 'welcome. you can view this page.';
//Put all of your page content here
?>
<!-- HTML content should be in between php delimiters, like this-->
<?php
}
else
{
//The user supplied a secret code, but it was not the correct one
echo 'invalid secret.';
//You can also add code for redirecting the user back to p1 here
//Or just display an error message
}
}
else
{
//The user did not provide a secret session variable -- they most likely did not pass through p12.
echo 'error, you are unable to view this page';
//You can also add code for redirecting the user back to p1 here
//Or just display an error message
}
unset($_SESSION['secret']); //This line makes the user return to p1 every time they visit p2 -- delete this line if you only want them to visit p1 once.
?>
To make this method secure, you'd need to give each user a unique value for their secret session variable. Store this variable, along with it's timestamp when the user visits p1 both as a session variable for the client and in a server-side database. When p2 is loaded, check to see if the session value they provide is at least 5 seconds old in the database. If it is, let them see the page. Then delete the value in the database.
I am using following code to redirect
header('Location: '.$fileID.'php');
}
else if (!isset($_SESSION['login']))
echo '<p>you need to register first.</p>' ;
?>
$fileID has a value bacuse I am using this value in other part of code and that works fine. I also tried
echo '<script>window.location="'.$fileID.'php"</script>';
but got a notfound error. I would like to get it working by any of these methods but would prefer the header method. Any help is appreciated.
I wanted to put this in a comment but I don't have enough reputation :( Anyways try changing your header from this:
header('Location: '.$fileID.'php');
To this:
header('Location: '.$fileID.'.php');
You should exit; after redirect with headers, because the script will go on executing otherwise which can lead to unintended side effects.
but got a notfound error.
URL seems wrong, echo the output and see if it matches your expected location.
I Have one registration and payment page. program flow is like registration > confirmation > payment. After validation and calculation in registration page need to go to confirmation page.
My code is
<?php
ob_start();
session_start();
include("header.php");
include("ini.php");
date_default_timezone_set('Asia/Brunei');
header('Cache-Control: max-age=900');
if (isset($_POST['submit'])) {
$error = 0;
//validations
if ($error <= 0) {
//do some calculation
header('location:confirm.php');
}
}
<?php
ob_flush();
?>
Control entered in to if ($error <= 0) clause, but stay on the registration page.
I tried many ways like
header('location:confirm.php', true, 302);
instead of
header('location:confirm.php');
removed
ob_start() and ob_flush()
add exit() after header()
then it goes to blank page.
Also try to use
echo '<script type="text/javascript">';
echo 'window.location.href="confirm.php";';
echo '</script>';
Then the control goes to confirmation page but url seems to be as registration.php
But header('location:confirm.php'); is working fine in my local server. Anybody please help me to resolve this issue.. Is there any alternate way for header(). Looking forward to you guys.. Thanks
Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP. It is a very common error to read code with include, or require, functions, or another file access function, and have spaces or empty lines that are output before header() is called. The same problem exists when using a single PHP/HTML file.
Also try to change header('Location:confirm.php');
(Note L is capital since its work in your local server may be problem with strict php type try this once)
$host = $_SERVER['HTTP_HOST'];
$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
$extra = 'confirm.php';
header("Location: http://$host$uri/$extra");
use ob_end_flush() at the end. This should work like charm.
i had the same issues for years but today i discovered that u don't have to have any html or blank space before the header word .Try it out
I am new to wordpress.
I have tried the following code
header("Location: $location", true, $status);
I want to redirect the page to particular page and i am getting this kind of error
"Cannot modify header information - headers already sent by (output started at /home/content/c/l/a/clareb23/html/client4/wp-content/plugins/featured-articles-lite/main.php:773) in /home/content/c/l/a/clareb23/html/client4/wp-includes/pluggable.php on line 870"
Any suggestions would be appreciated.
Based on comment
You can do it like this:
<script>
window.location = '<?php echo $location?>?myvar=true&status=<?php echo $status?>';
</script>
Make sure that you do not echo/print anything on screen before header(...) statement and that there is no whitespace before opening php tag eg <?php. It is also good practice to put exit() after header() function.