redirect

[mortalc]

How do I redirect to another webpage using PHP?

[thescientist]

look up php headers

[mortalc]

Could you give me a link? I can't find it on the tutorial. Or am I just being an idiot?Ed:Never mind. I found it!And can I use a $_POST method to go to a html file (with PHP in it), instead of a PHP file?

[23.12.2012]

It depends on your web server's configuration. If it doesn't recognize .html files as PHP files (that is, if they're not associated), it won't process the PHP in your .html file, but the .html file can be used as a form's action. In fact, any file can be used as an action, but only configured ones can do the processing.

[mortalc]

Um....So can I get it to send to a html file, but still process the PHP in it?

[mortalc]

Also, Would this work:Say I have processed a form with the $_POST method, and sent it to position.html. This is supposed to prevent someone going straight to Position.html without logging in first:

<?phpif ($_POST["answer"]!="Oxford") die("You have not logged in!");?>

THis would be included at the beginning of Position.html (straight after <head>), which would explain my earlier question. But would it work?

[23.12.2012]

If you configure your Apache's httpd.conf, you can send to abc809.html. But you can always send to 123xyz.php, which can safely contain both HTML and PHP. Regarding your other question, it would work in a very trivial way. You can always use cookies, sessions and a database for authentication. The above method can be easily tricked.

[mortalc]

If you configure your Apache's httpd.conf, you can send to abc809.html. But you can always send to 123xyz.php, which can safely contain both HTML and PHP. Regarding your other question, it would work in a very trivial way. You can always use cookies, sessions and a database for authentication. The above method can be easily tricked.

Does it have to be called '123xyz.php' or was that just an example?And, out of interest, how would it be tricked?

[Synook]

It is trivial to construct a HTTP request. Note that PHP files are just HTML files (i.e., they send the content type text/html by default) with PHP in it (i.e. the PHP resides in blocks within the markup), so you don't need to worry about the distinction.

[mortalc]

But would it work in theory (i.e. close the page if the user is not logged in)?

[Synook]

Yes, but it is easy to circumvent. You are better of using sessions.P.S. it is better to put authentication logic above all HTML.

[mortalc]

What do you mean by "circumvent"?By sessions, do you mean this:

<?php session_start();session_destroy();?>

is authentic logic redirecting/closing the webpage/etc.?

[thescientist]

circumvent means to get around.http://www.google.com/#hl=en&source=hp...1611131acff80b7

[mortalc]

Oh, sorry, Silly mistake. I thought it was some sort of function... But I understand now.So how would I:a) go to a different page in the middle of a PHP script (within an if() function),and Close the webpage in the middle of a PHP script.

[thescientist]

if you haven't sent any output to browser, then you can use PHP headers. if not you'll probably have to use javascript; depends on what you're trying to do. If the situation is that you have some sort of dispatcher page that's deciding if certain values passed to it (or that are present by use of $_SESSION) are valid and redirects based on that criteria, then PHP is your guy.you shouldn't be trying to close people's web browsers anyway. Instead you should just handle the exception with an error page of some sort.

[mortalc]

The last one.But I can't redirect with header(), can I? because it will have to be in an IF function.Ok, I won't close the page. But I do need a way to redirect in an if function (so after output - if an if function counts as output.)

[thescientist]

The last one.But I can't redirect with header(), can I? because it will have to be in an IF function.Ok, I won't close the page. But I do need a way to redirect in an if function (so after output - if an if function counts as output.)

it seemed like you had a page where someone was logging in. when someone submits the form, you can have it submit to the same page. when that happens, the values of the form elements will be available in the global $_POST array. This submittion will also cause the page to refresh. Now here's how it works. Have an if statement before all your HTML starts. Have it check the $_POST values. if they are empty, then the form was never submitted (like on first viewing of the page) and so you would skip over everything and let the page display as normal. Now if the the $_POST values aren't empty, then if statement will execute the else clause, and this is where you can check their values and redirect.something like this.thispage.php

<?phpif($_POST value's are empty){  //do nothing, let the page load normally}else{  //post value's contain something  //process here and redirect based on values};?><html><body>  <form action="thispage.php" method="post">	//your form stuff here  </form></body></html>

waaaaayyyyyy abridged, but should be proof enough of concept.

[mortalc]

...The only problem is that they would be able to view the passwords in 'view source'.

[justsomeguy]

Not if the passwords are in the PHP code. It sounds like you haven't studied PHP much, you would probably have a much easier time doing things like this if you went through the basic tutorials and the PHP manual, just to learn about the theory.