Best way of redirecting the url in php?
Question
I am working on web application(in php),where i require to redirect url with some parameter.I have written a code like this
header("Location:http://www.xyz.com?code=2345");
This will redirect to corresponding url but the my data is visible in the browser,i don't want my data to be visible in the browser.how to hide the data? Is this the secure way of redirection? What is the best way of redirection?
6 answers
solution1
1 2011-06-28 13:26:57
Use CakePHP's inbuilt redirect function for the redirect but the variable will still be visible in the URL.
solution2
0 2011-06-28 13:25:24
you'll need to use POST then, not GET if you do not want it displayed
solution3
0 2011-06-28 13:25:55
If you redirect to the same host, you can store the data in the session and transmit the session ID via cookie.
Alternatively, you store the data and send a session ID nevertheless. The target system reads the session ID and requests the original data from the original server based on the session ID.
solution4
0 2011-06-28 13:26:26
How about setting the variables in a session before redirecting:
session_start();
$_SESSION['code'] = 2345;
header("Location: http://www.xyz.com");
solution5
0 2011-06-28 13:27:36
Instead of using a GET parameter in the URL why not set some data to the session ? You can then redirect as normal but the data isn't visible to the user, it's stored on the server side.
solution6
0 ACCPTED 2011-06-28 13:31:13
It's possible to redirect POST fields that have been sent to the current request (by redirecting with a 307 ), but to create them artificially is tricky and depends on if the user has javascript enabled. I use this function, but you shouldn't depend on it working if the user disables javascript.
<?php
function createHiddenFields( $value, $name = NULL )
{
$output = "";
if( is_array( $value ) ) {
foreach( $value as $key => $value ) {
$output .= self::createHiddenFields( $value, is_null( $name ) ? $key : $name."[$key]" );
}
} else {
$output .= sprintf("<input type=\"hidden\" name=\"%s\" value=\"%s\" />",
htmlspecialchars( stripslashes( $name ) ),
htmlspecialchars( stripslashes( $value ) )
);
}
return $output;
}
function redirectNowWithPost( $url, array $post_array = NULL )
{
if( is_null( $post_array ) ) { //we want to forward our $_POST fields
header( "Location: $url", TRUE, 307 );
} elseif( ! $post_array ) { //we don't have any fields to forward
header( "Location: $url", TRUE );
} else { //we have some to forward let's fake a custom post w/ javascript
?>
<form action="<?php echo htmlspecialchars( $url ); ?>" method="post">
<script type="text/javascript">
//this is a hack so that the submit function doesn't get overridden by a field called "submit"
document.forms[0].___submit___ = document.forms[0].submit;
</script>
<?php print createHiddenFields( $post_array ); ?>
</form>
<script type="text/javascript">
document.forms[0].___submit___();
</script>
<?php
}
exit();
}
?>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.