Jump to content
  • Advertisement
Sign in to follow this  
BeanDog

[web] header('location:?') in Safari?

This topic is 3715 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

I often have pages that take querystring parameters, processes what the querystring commands, and then redirects to '?' (the current page with no query string) to prevent the Refresh button from causing the same thing to happen again. Consider the following simplified code snippet. It's a GET form with a single text input and a submit button. A form like this would do some processing with the input (perhaps send an email), and redirect to the same page with that info cleared out of the querystring.
<?php
if(isset($_REQUEST['submit'])) {
	//Do something here.

	header('location:?');
	exit;
}
?>
<html>
<body>

<form method='get'>
<input name='text'>
<input name='submit' type='submit'>
</form>
Load up that page in Safari and hit the submit button, and you get a URL of index.php?text=whatever&submit=Submit????????????????????????? and an error that the page is redirecting incorrectly. It seems that if you ask Safari to redirect and just pass it a querystring (even just '?'), it appends to the query string rather than replacing it. Obviously, redirecting to 'index.php' rather than '?' would fix the problem. However, I've used this construct in dozens or hundreds of places, and it's a safeguard against renaming scripts (or copy-pasting the redirect code into a different script). Anyone know why Safari acts this way? And anyone have a suggestion on how to get around this without hard-coding the name of the script into the script itself?

Share this post


Link to post
Share on other sites
Advertisement
Quote:
Original post by BeanDog
And anyone have a suggestion on how to get around this without hard-coding the name of the script into the script itself?
One method I use is to generate a random number on each page load. This number is stored in a hidden field on the form and also stored in a session variable. When the page is submitted, I check that the two match; if not I unset() the submit button's $_POST variable (effectively disabling it) before the form is drawn again. This way, hitting refresh is ineffective as by that time the session variable contains a new magic number.

However, this is probably a little over-complex for what you want; rather than hard-coding the page name use the predefined variable $_SERVER['PHP_SELF'].

Share this post


Link to post
Share on other sites
What are you doing with the query string that you want to prevent from occurring again? If it's HTTP GET then you should be able to repeat the command without problems. If you're modifying something significant then you should be using POST or one of the other HTTP methods.

Share this post


Link to post
Share on other sites
The HTTP Location header requires an absolute URI according to the specs. This means you're relying on a browser's own interpretation when you're passing a relative URI to Location. Just use absolute URI's and you'll be fine.

Share this post


Link to post
Share on other sites
Quote:
Original post by Colin Jeanne
What are you doing with the query string that you want to prevent from occurring again? If it's HTTP GET then you should be able to repeat the command without problems. If you're modifying something significant then you should be using POST or one of the other HTTP methods.

I realize this. I rarely use GET to do something I wouldn't want repeated, but my same needs (not having Refresh do anything) apply for pages that take POST data. Redirecting to the current page with no GET/POST data meets that need.

Share this post


Link to post
Share on other sites
Try:

header('location: ' . __FILE__);


Else go with benryves' suggestion and use $_SERVER['PHP_SELF'] or $_SERVER['REQUEST_URI']. It shouldn't take you more than 3 lines of code to figure out the correct redirect location from REQUEST_URI. Just wrap it in a function and do a multifile search/replace on your existing header('location ...') calls.

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!