for example I have current link on which I want to redirect:
if(stripos($_SERVER['REQUEST_URI'], 'post.php?post=5')!==false){
//redirect
}
But if the post ID would be post=55 it will redirect too... How to solve this problem ?
Why don't you use $_GET variable?
if (isset($_GET['post']) && $_GET['post'] == 5) {
...
}
Related
I'm trying to give access to admin tools only to the admin.
What I tried to do: the session variable id, which is unique for every user.
first I checked if there is even a session, if there isn't I send the user to the index, than I check for the unique if of the admin "20" if the user's id is different than 20 I send him the the index.
my problem: my if statment doesn't work, I get sent back to index even when i'm logged-in as the admin.
My code:
<?php
if(isset($_SESSION['userId'])){
header('Location:index.php?b');
}
if($_SESSION['userId'] != 20){
header('Location:index.php?a');
}
?>
?a and ?b are for debugging, I get sent to index.php?a when I try to access the my page.
when I echo $_SESSION['userId'] I get 20, so maybe something is wrong with the type?(although I checked and it says that != shouldn't be effected by different types)
EDIT: sorry, I didn't describe what I wanted correctly, if the id of the user is 20 I want him to stay in the page, if it isn't I want to redirect him to index.
thanks!
Because you perform one test when that test passes or fails the comparison is over. You should probably perform a comparison like this because you only want to redirect when the ID is not 20:
<?php
session_start();
if(isset($_SESSION['userId']) && $_SESSION['userId'] != 20) {
header("Location: index.php");
exit();
}
?>
Check if session is set and if so assign its value to a variable with the null coalesce operator. Redirect using the ternary operator.
<?php
session_start()
//$_SESSION['userId'] = 19; // Redirects to index.php?a
$_SESSION['userId'] = 20; // Redirects to index.php?b
// use the null coalesce operator and ternary
$id = $_SESSION['userId'] ?? null;
($id == '20') ? '' : Redirect('index.php?a');
echo 'Still in page ...';
// Ensure an exit() after redirect
function Redirect($url) {
header('Location: ' . $url);
exit();
}
//Output: Still in page ...
?>
EDIT:
You can combine these steps to achieve this in one line:
(($_SESSION['userId'] ?? null) == 20) ? '' : header('Location: index.php?a');
This returns $_SESSION['userId'] if it's set and not null, otherwise it returns null. Then it checks this against the value 20 and uses it in the ternary operator to either do nothing ('') or redirect to index.php.
Your first if condition checks if the session is set (which is true) so it redirects you to index. So you should do:
session_start()
if(isset($_SESSION['userId'])){
if($_SESSION['userId'] != 20){
header('Location:index.php?a');
}else{
header('Location:index.php?b');
}
}
page-one.php code
<?php
//page-one.php
session_start();
$_SESSION['page_one'] = time();
?>
hello this is page 1 go to page 2
Page 2
page-two.php code
<?php
//page-two.php
session_start();
//Check to see if session variable exists.
if(!isset($_SESSION['page_one'])){
//Does not exist. Redirect user back to page-one.php
header('Location: 404.php');
exit;
} ?>
this is page 2
Works perfect but I have 2 questions:
what if i delete page-one bcz i want to show page 2 to all vistors who are coming on page 2 by clicking a link
or what if user is coming on page-two through google.com , in this case how page-two will pass page_one variable
This doesn't make much sense, but for your specific questions:
if(!isset($_SESSION['page_one']) &&
strpos($_SERVER['HTTP_REFERER'], 'google') === false &&
strpos($_SERVER['HTTP_X_FORWARDED_FOR'], 'google') === false &&
file_exists('page-one.php')
{
header('Location: 404.php');
exit;
}
Check if the session variable is not set
Check if HTTP_REFERER is not google
Check if HTTP_X_FORWARDED_FOR is not google
Check if page-one.php has not been deleted
$_SERVER['HTTP_REFERER'] is not reliable as it may be wrong, a proxy server or empty and $_SERVER['HTTP_X_FORWARDED_FOR'] is not guaranteed to be set or reliable.
With the previous caveats in mind, you can see if someone came from another site by checking:
if(!isset($_SESSION['page_one'] &&
!isset($_SERVER['HTTP_REFERER'] &&
!isset($_SERVER['HTTP_X_FORWARDED_FOR'])
{
header('Location: 404.php');
exit;
}
If you add a get parameter to all links then it's easier:
Page 2
Then:
if(!isset($_SESSION['page_one'] && !isset($_GET['link'))
{
header('Location: 404.php');
exit;
}
I'm trying to implement multiple if(isset()) statements but I can't get it to work.
example:
if (isset($_GET['a']) or isset($_GET['b'])) {
// HTML
} else {
// HTML
<a href="?link=a>LinkA</a>
<a href="?link=b>LinkB</a>
}
When I click a or b I still got the else statement executed.
I also tried:
if (isset($_GET['a'] or $_GET['b']))
but then I get a error
I'm trying to display different pages on different $_GET requests.
Can someone point me in the right direction or is this not the right way to do this?
Change if (isset($_GET['a']) or isset($_GET['b'])) To:
if ( (isset($_GET['link']) && $_GET['link'] == 'a') OR (isset($_GET['link']) && $_GET['link'] == 'b']) )
You are checking wrong variable.
You need to check $_GET ['link']
I'm trying to pass variables to a simple PHP script and have it redirect to different URLs depending on the values in the query string.
Here's what I have in bonus.php:
<?php
if ($_GET['pid'] == '3') {
$bonus = "copy-paste-traffic";
}
elseif ($_GET['pid'] == '5') {
$bonus = "lazy-affiliate-riches";
}
$redirect = "http://affiliatesilverbullet.com/.'$bonus'.-bonus/?mid=.'$_GET['mid']'.&pid=.'$_GET['pid']'.";
echo $redirect;
page_redirect($redirect);
?>
I want queries to redirect as follows:
asbfree.com/bonus.php?mid=dstruckman&pid=3 -> affiliatesilverbullet.com/copy-paste-traffic-bonus/?mid=dstruckman&pid=3
asbfree.com/bonus.php?mid=dstruckman&pid=5 -> affiliatesilverbullet.com/lazy-affiliate-riches-bonus/?mid=dstruckman&pid=3
But it's not working.
What am I doing wrong?
Please show me how to fix my bonus.php script to make this work.
Thanks in advance!
Dustin
I think you may change
$redirect = "http://affiliatesilverbullet.com/.'$bonus'.-bonus/?mid=.'$_GET['mid']'.&pid=.'$_GET['pid']'.";
to
$redirect = "http://affiliatesilverbullet.com/".$bonus."-bonus/?mid=".$_GET['mid']."&pid=".$_GET['pid'];
EDIT : ...change elseif to else if, page_redirect to http_redirect, and remove echo or place after redirect function.
I would use header("Location: $redirect"); instead of page_redirect($redirect);.
One of the issues may be your variable interpolation.
Replace
$redirect = "http://affiliatesilverbullet.com/.'$bonus'.-bonus/?mid=.'$_GET['mid']'.&pid=.'$_GET['pid']'.";
with
$redirect = "http://affiliatesilverbullet.com/{$bonus}-bonus/?mid={$_GET['mid']}&pid={$_GET['pid']}";
Next time you post a question it would be helpful to post the error message you are receiving.
On my site, forms are brought in via AJAX and checked against a sessionid. I know this is not optimal, but it's working for us. If the referrer doesn't have the session ID they are redirected back to "anotherpage". I need to allow some outside URL's access the form directly.
we set the sessionid on the page with the link to the form.
Here is what we have now on the form page:
<?php
$code = $_GET['sessionid'];
if(strcmp( $code , 'XXXXX' ) != 0) {
header("Location: http://www.domain.com/anotherpage.php");
}
?>
I need to allow some outside domains direct access to the form page and am having issues with this:
(I'm putting it above the head tag on the form page)
<?php
$code = $_GET['sessionid'];
$referrer = $_SERVER['HTTP_REFERER'];
if(strcmp( $code , 'XXXXX' ) !=0) {
header("Location: http://www.domain.com/anotherpage.php");
} else {
if (preg_match("/site1.com/",$referrer)) {
header('Location: http://www.domain.com/desiredpage.php');
}
}
?>
this still bounces me back to "anotherpage.php" any ideas?
********EDIT*******
thx for the help, it works ad I requested. Now I see what I asked wasn't entirely correct. This appends the URL with =sessionid?=XXXXX. This isn't an issue on my site because I'm loading the content with .jquery .load so the URL doesn't change. I don't want the sessionid to be visible, and now it is. Can I either a) "trim" the url somehow or b) separate the two functions so they are exclusive?
if(strcmp( $code , 'XXXXX' ) !=0) {
if (preg_match("/site1.com/",$referrer)) {
header('Location: http://www.domain.com/desiredpage.php');
} else {
header("Location: http://www.domain.com/anotherpage.php");
}
}
As I read your post, you want anyone from the preg_match to get the desired page regardless of sessionID status, so you don't want to test sessionID first.
Start the if block with the preg_match test.
Your first if is checking to see if they don't have the $code and redirecting them. This will always be the case. You should probably check the $referrer first and then do the $code check.
Try reverse if with else
<?php
$code = $_GET['sessionid'];
$referrer = $_SERVER['HTTP_REFERER'];
if (preg_match("/site1.com/", $referrer)) {
header('Location: http://www.domain.com/desiredpage.php');
} else if (strcmp( $code , 'XXXXX' ) != 0) {
header("Location: http://www.domain.com/anotherpage.php");
}
?>
If I'm not misunderstanding this, the problem is in the order in which you are checking things.
If you want to allow some referrers to access the site even if they don't have the session id, you have to check for that before checking for the session id. Otherwise, they will end up being treated just like everyone else.
You can either switch the order of the conditions (first check for the referrer and then check fo the session id) or check for the referrer inside the branch in which you already know the session id is not valid.
The issue could be in your regex, it should be:
if (preg_match("/site1\.com/",$referrer))
notice escaping the dot (.)