We Keep Coding

PHP URL Variable Redirect

I have a login page that submits to another page while adding a string to the end of the url. Would look something like this 'http://example.com?klc' I know I can use $_SERVER["QUERY_STRING"] to get the string, but now I need to use it in a function to direct the user to a different page, based on the string. This is what I have written in the target file
<?php
$access = $_SERVER["QUERY_STRING"];
function user_admin_redirect($access){
if ($access = "ppl"){
redirect_to("ppl_admin.html");}
else ($access = "klc"){
redirect_to("klc_admin.html");}
}
}
user_admin_redirect($access);
but for some reason the script dies. Any tips would be welcomed. Also, I have the system setup on my website, contact me if you are willing to help I can give you a test login.

$access = $_SERVER["QUERY_STRING"];
function user_admin_redirect($access){
if ($access == "ppl"){
redirect_to("ppl_admin.html");}
else if($access == "klc"){
redirect_to("klc_admin.html");}
}
}
user_admin_redirect($access);
You need to use == and not = when using if
You need to use else if and not just else
I am assuming redirect_to is some custom function that you have written which will redirect you to the mentioned page. If not, you should use header('Location: ' . $location);

I don't think redirect_to is a built-in PHP function.
You might need to use
header("Location:".$myPhpScript);
or you could define redirect_to, like:
function redirect_to($location){
header("Location:".$location);
}
See more here:
php redirect_to() function undefined
How to make a redirect in PHP?

HTTP_referer for multiple URL's

I Got this "HTTP_referer-script" that checks if a visitor comes from a certain URL (password protected) when entering the site. My problem is that It only seems to work if the visitor comes from the absolute right URL. I.e:
If the user comes from: http://mydomain.com it works fine but if the user comes from http://www.mydomain.com it wont work.
Is there anyway to add a second URL to the HTTP_referer in this case the same domain but with "www" aswell?
<?php
$referrer = $_SERVER['HTTP_REFERER'];
if ($referrer != 'http://mydomain.com/') {
die("You do not have access to this site.");
}
// put your page code here
?>
<h1>Content here</h1>
Thanks a lot!
/a

The contents of $_SERVER['HTTP_REFERER'] are derived from the request the client sends to your webserver. First of all it is important to realize that this information is by no means to be trusted. It is easily faked by the client.
That being said. What you probably want to do is simply check if the domain is part of the $_SERVER['HTTP_REFERER'] string. Because in this case https://domain.com also wouln`t work.
So by your example, use this:
<?php
if ( strstr($_SERVER['HTTP_REFERER'], 'mydomain.com') ) {
die("You do not have access to this site.");
}
// put your page code here
?>
<h1>Content here</h1>
This code simply checks if "mydomain.com" is part of the contents of $_SERVER['HTTP_REFERER'].
Do realize this would also mean: http://www.somedomain.com?test=mydomain.com as referer would also match, but it is not very likely you will run into that situation (nor will it probably matter..)

Use in_array in conjunction with array of urls:
if (!in_array($referrer, array('http://mydomain.com/', 'http://www.mydomain.com/'))) {
die("You do not have access to this site.");
}

Put two if statements as follows.
<?php
$referrer = $_SERVER['HTTP_REFERER'];
if ($referrer != 'http://mydomain.com/') {
die("You do not have access to this site.");
}
if ($referrer != 'http://www.mydomain.com/') {
die("You do not have access to this site.");
}
// put your page code here
?>
<h1>Content here</h1>

$allowed = array("hello.com","example2.com");
foreach ($allowed as $site) {
if(!preg_match("#$site#", $url))
die("You do not have access to this site.");
else
break;
}

Wordpress wp_redirect not redirecting

Hello guys badly need help here, I have created a custom template in wordpress. Now I also used a session variable to check status which I placed in the index.php, if session variable is 1 then redirect to a specific php file. But wp_direct() doesn't seem to work when I uploaded and installed the custom theme on my wordpress site. Check my codes:
<?php
session_start();
if ((isset($_SESSION['stat']) && $_SESSION['stat'] == '1')) {
wp_redirect('http://example.com/wp-content/themes/customtheme/newpage.php', 301);
exit;
?>
Code above only displays a blank page. Any help would be much appreciated.
UPDATE [SOLVED]: I managed to fix it, instead of using wp_redirect() I used a javascript method for redirection. Working code:
<?php
session_start();
if ((isset($_SESSION['stat']) && $_SESSION['stat'] == '1')) {
echo '<script type="text/javascript">window.location.href = "http://example.com
/wp-content/themes/euro/newpage.php";</script>';
?>

First you have assign newpage.php template in your page and then after you have to pass page id in url which you are assigned page newpage.php template. Here i passed "10".
<?php
session_start();
if ((isset($_SESSION['stat']) && $_SESSION['stat'] == '1')) {
wp_redirect('http://example.com/?page_id=10', 301);
exit;
?>

Try following code May be this will help,
session_start();
if ((isset($_SESSION['stat']) && $_SESSION['stat'] == '1')) {
ob_clean();
wp_redirect('http://example.com/wp-content/themes/customtheme/newpage.php', 301);
exit;
}

Make this file "newpage.php" as a template with name "newpage" and then create a page in backend then use this template for that page and then use the url of that page in wp_redirect() function.

Just use this functional as per below:
ob_clean();
$url = get_home_url() . '/login';
wp_redirect($url);
exit();

PHP Infinite loop when user not logged in

I am having an infinite loop issue with this code. It's checking to see if there is a session variable, if there isn't, I want them to be redirected to the index page.
session_start();
if (! isset($_SESSION['foo'])) {
header('Location: /index.php');
}
exit;
I've tried putting the exit; and exit(); and endif; outside the if loop and inside, all are still giving me the issue of infinite loops. This code is located in the header page, which is then called on every page, so you can only access the index page if you are not logged in. That's the gist of why I want this code to exist in the first place.
Thank you for your help in advance.

Add something to your if statement that would exclude the index.php page. Something like
if(! isset($_SESSION['foo']) && strpos($_SERVER['REQUEST_URI'], 'index.php') === false) {
header('Location: /index.php');
}

If you make that check on the index page, it will redirect loop whenever a session is not set. You need to make sure this check is not made on index.php

I think you're just missing session_start();
page.php :
<?php
session_start(); // this is important
if (! isset($_SESSION['foo'])) {
header('Location: /index.php');
exit;
}
?>
index.php :
<?php
session_start(); // this is important
//stuff
$_SESSION['foo'] = 'stuff';
//other stuff
?>

Redirect if page is linked to directly javascript or php?

I need some javascript or php code to detect if user has linked directly to me site's page so I can then redirect it to the homepage.
Is this possible?

Check is the the host of your server is in the http_referer (it is the last url visited by the user).
function is_direct_link() {
return (!empty($_SERVER['HTTP_REFERER']) && stripos($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST']) === false);
}
if (is_direct_link()) {
header('location: http://www.google.com');
exit();
}

<?php
$referrer = $_SERVER['HTTP_REFERER'];
// see if they are visiting from another website
if (!empty($referrer) && stripos($referrer, 'mydomain.com') === false)
{
// redirect them to the main site
header('Location: http://mydomain.com/');
// stop php from going further
exit;
}
Something like that is (i think) what you're looking for.

If the referrer is empty, this will redirect to the home page:
<?php
if(!empty($_SERVER['HTTP_REFERER']) && stripos($_SERVER['HTTP_REFERER'], 'example.com') header("Location: example.com");
?>
Note that the referrer is not bulletproof by any stretch but it does the basic job.