Server-Side redirection after a fetch request - php

Let's say, we work on a project in a web tool and after some period of time the app wants to save the project as backup before the session expire.
For the saving, we use fetch method(it could be AJAX, Axios etc) and we post a request to a controller function, in which we save the project, clear the session and want to redirect to the home page. I've tried this scenario with Laravel but when the time for redirection come, the session data is cleared but the server doesn't redirect to the home page.
Is it because of the fact that the fetch and the other types of asynchronous functions wait always for response?

A redirect means "What you asked for can be found here" not "Load this URL in the main browser window".
If the browser was asking for a URL with the intention of showing it in the main browser window (e.g. a link was clicked) then it would follow the redirect and show it in the main browser window.
If the browser was planning to do something else (e.g. render an <img>) then it would follow the redirect, get the image at the new URL, and render that in the <img>'s spot.
Ditto Ajax. You are making a request with Ajax, so the browser follows the redirect and gives the resource at the new URL to JavaScript to process.
If you want to make a POST request which loads a new document in the main browser window: Submit a form and don't use Ajax.

Related

Where is header('location:url') redirect takes place?

If I have the following code, the browser will take this to the specified location.
<script>window.location = "https://google.com";</script>
But what happens when header('location:$url'); is used. Does the browser receive the headers and makes the redirection from client side ?
It depends on how and when you want to redirect the user to another page.
If you want to instantly redirect a user to another page without him seeing anything of a site in between, you should use the PHP header redirect method.
If you have a Javascript and some action of the user has to result in him entering another page, that is when you should use window.location.
The meta tag refresh is often used on download sites whenever you see these "Your download should start automatically" messages. You can let the user load a page, wait for a certain amount of time, then redirect him (e.g. to a to-be-downloaded file) without Javascript.
The browser will process the header redirect right away, whereas the Javascript redirect will not be executed until the page has loaded (or at least enough of it to run the Javascript). Also, it will be the Javascript engine executing the redirect instead of the browser itself.
Doing it via the header will perform better. (slightly anyway...)
<script>window.location = "https://google.com";</script>
This is how a user is redirected to a site using JS. This is done on client side.
header is a function in PHP, you can redirect user based on your logic from server side to a new url.
When you put this code into your code
<script>window.location = "https://google.com";</script>
It will being send to client's browser, then when the DOM was fully loaded it will being executed by browser and redirect to google.com
But when you put header('location:$url'); to your php code. The server will send 302 Response to redirect client browser to the new URL directly without being executed by javascript..

Communicating between a page and a popup oauth page

I have an application that has a button which opens a blank page for linkedin oauthentication.
My question is, when the user completes authentication and processing for linkedin, how do I tell the original page that this process is complete?
I was thinking about creating an ajax method that tells the database that the user is in oauth and when they are complete we tell the same database that the process is over and the original page will find out.
Any ideas?
See: How can I do OAuth request by open new window, instead of redirect user from current page?
The trick is the window.opener property, available from the popup. Using that you could do something simple like a reload window.opener.location.reload() or possibly something more complicated using postMessage (in either case the code would live in the page that OAuth redirects to on completion).

HTML5 History/State API, AJAX, PHP redirect, URL change

My site uses History.js HTML5 History/State API (pushState, statechange event etc) and loads the page into my .content div via AJAX (jQuery).
Works fine until I do a URL redirection server side (CakePHP $this->redirect($url);). The content updates fine with the page I redirected to, but I would like to add a new state to the history.
How should I do this? Is there a way I can check the AJAX response to know if the request was redirected or should I approach the problem from another direction?
Example
Admin listing of blog posts. /posts/index
User selects a post. /posts/open/13
User clicks "Delete post" /posts/delete/13
After deleting from DB, the request gets redirected to the listing, but the address bar is still /posts/delete/13
I would like to replace the current state (/posts/delete/13) with the new URL to the history (/posts/index). But how would I know if the AJAX request was redirected or not?
I came up with a (IMO) temporary solution.
Server side redirection: check if the request is async. If yes, do not redirect, instead add a "redirect-to" header to the response and send it (body is empty). Client side check the response if it has the header. If yes, do a replaceState and make a new ajax call for the received "redirect-to" url.
What do you think about this?

How to Redirect from PHP, receiving an XMLHttp POST request

My questions is about redirection from PHP. I know that we can redirect from a php page to another page by nust using
header("Location: ".$redirectURL);
In my case, one php file receives a XMLHttp POST request, done using javascript in front-end. It manipulates some data in it, and now sets a cookie and then i want to redirect to another page. All pages are in same domain only.
I want to move to the other page, from PHP. Can i do this? Any methods for these?
edit:
Situation is like this, from a login page, i will post the username &password to one php page, where its validated. From validation its understood if the user belongs to a server in some other region(We use a regional divisioning), i will redirect him to that servers login page, but with a cookie set. So that login page understands he's already logged in, and open his homepage.
Thanks for Help :)
You can return URL and do window.location.href assignment in your ajax handler. I think it is the simplest way.
Following update in question: you should remember that you can set cookies for some domain or for subdomains, so, if your regional servers is allocated on completely different domains (for example, myserver.com, myserver.co.uk, myserver.ru) - they will not recognize your cookie and you need some other way to transmit that user is logged in. (One time key in shared storage may be solution)
client : ajax client which do request
serverphp : php file which executing ajax request
1. Redirect client to another page
serverphp return an address client listener redirect client's browser
2. Redirect serverphp to another page
You can do a request to first.php then redirect it to second.php and ajax will get answer from second.php

In PHP how can i remove query string to avoid people refreshing launching a process twice?

in php i'm using GET to create query string which launches an action :
for example when i go to :
www.example.com/index.php?mode=action&name=launch_this
it will get mode=action and name=launch_this and the php will launch a function called "launch_this"
But how can i avoid people from refreshing this page and then re-launch the process ?
i'd like to be able to get these parameters once and convert the url for the client to index.php without parameters..
Is it possible ?
Thanks
actions which modify state on the server or launch a process should not use GET, but POST. If you use POST and the user refreshes, the browser will at least prompt for confirmation.
To avoid refreshes, you should send a redirect once the process is launched :
user posts to launch action
server launches action and sends a redirect
user browser receives the redirect and GETs the page atthe given URL
user refreshes, and reloads the page, but doesn't relaunch the action.
This pattern is known as Post/redirect/get, or as "redirect after post".
You can use the Post/Redirect/Get pattern for this:
http://en.wikipedia.org/wiki/Post/Redirect/Get
I'd consider looking at the Post/Redirect/Get pattern.
Before you send any output to the client, set the redirect header.
header("Location: index.php");
This will cause the browser to load the index.php page, and the URL shown in the location bar will change too.
You could also use the history.replaceState() javascript function to change the URL in the browser, but this function is only supported in Safari and Firefox 4 (see for example https://developer.mozilla.org/en/DOM/Manipulating_the_browser_history)
You could store some value inside $_SESSION and check it before execution like
if(!isset($_SESSION['launched'])) {
$_SESSION['launched'] = true;
...
...
}
POST/Redirect/GET is a great answer.
Another possibility would be to use AJAX to actually send the data to the server, and then simply refresh the current page (or navigate to a different one, for that matter) once the AJAX completes. This way, the request that actually sends the data to the server is only ever called upon user action, and would not be called on reload.

Categories