After I read some stuff on-line I came up with this PHP script to detect the browser's language and redirect the user to the correct website's version. Short said, if the user has a browser in Swedish, then the script should redirect to index.php, if not, then it should redirect the user to en.php.
It works fine in some computers and mobile phones and in others it blocks the website. I suppose that the script is not OK and is causing some conflict in older browsers.
So, could you please take a look at my script and tell me if I am doing anything wrong and how can I fix it?
Cheers!
<?php
include ('administration/fonts.php');
?><?php
$lc = ""; // Initialize the language code variable
// Check to see that the global language server variable isset()
// If it is set, we cut the first two characters from that string
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
$lc = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
}
// Now we simply evaluate that variable to detect specific languages
if($lc == "sv"){
header("location: index.php");
exit();
}
else if($lc == "en"){
header("location: en.php");
exit();
}
?>
P.S. - Yes, the script is before the tag and there are no spaces between the "?>" tag and tag.
New answer after added details from the OP.
English users should be redirected, but Swedish user should stay on this site, so we'll rewrite the code like this (I added comments with // Reeno):
<?php
include ('administration/fonts.php');
$lc = ""; // Initialize the language code variable
// Check to see that the global language server variable isset()
// If it is set, we cut the first two characters from that string
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
// Reeno: I added strtolower() if some browser sends upper case letters
$lc = strtolower(substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2));
}
// Now we simply evaluate that variable to detect specific languages
// Reeno: Redirect all non-Swedish users to the English page (they can have "en", but also "dk", "de", "fr"...
if($lc != "sv"){
header("location: http://www.domain.com/en.php");
exit();
}
// Reeno: Swedish users stay on this site
?>
HTML code...
Old answer
You check for $lc == "sv" and $lc == "en" but you forgot the third case: $lc could be empty!
Rewrite the if at the end like this, so everybody with a non Swedish browser will get to en.php:
if($lc == "sv"){
header("location: index.php");
exit();
}
else {
header("location: en.php");
exit();
}
?>
btw header("location: ..."); requires an absolute URI like header("location:http://www.domain.com/en.php"); (some clients also accept relative URIs)
Related
I have a problem with my PHP (version 5.6) session. They are not being kept between pages, or even when I refresh my page.
On top of all my files I have :
<?php
session_start();
(there is no space or anything before).
When the user click on link, it's calling a function to set the website language to English or French. After some verification on the $_GET["lang"] value, I create the session like that :
$_SESSION["lang"] = $_GET["lang"];
If I do
var_dump($_SESSION["lang"]);
the server return string(2) "fr" or string(2) "en" regarding to which language the user select. Until there, everything is working great ;)
Problem is if I refresh the page, or go to another one, and try to return the session value, it's always NULL...
I know i could user other ways to translate the website, but I need the sessions to work for other functionality of my application (login, ...)
Because it was working few days ago, I first supposed it was a changed on the server, so I've contact my server administrator, but they told me they didn't change anything.
I have the PHP error reporting set to E_ALL but no errors are displayed...
If someone could help me with that, it would be great, i'm stuck on this bug since 3 days now ^^.
Thanks !
EDIT :
session_start();
var_dump($_SESSION["lang"]);
if(!isset($_SESSION["lang"]) || $_SESSION["lang"] == null){
$_SESSION["lang"] = "fr";
}
if(isset($_GET["lang"]) && ($_GET["lang"] == "fr" || $_GET["lang"] == "en")){
$_SESSION["lang"] = $_GET["lang"];
}
var_dump($_SESSION["lang"]);
from the limited code you're providing, my guess is that the $_GET argument isn't always set, which would then set the session to null.
try this...
if(isset($_GET["lang"])) {
$_SESSION["lang"] = $_GET["lang"];
} else {
echo 'lang not set';
}
EDIT: OP provided additional code.
This will return 'fr' if no value, or if an acceptable value hasn't been provided in the URL arguments. it's similar to what you have, however, I've wrapped the argument check in parentheses to make it a little tighter and changed the order. Your code was returning 'en' if nothing was provided.
session_start();
if(isset($_GET['lang']) && ($_GET['lang'] == 'fr' || $_GET['lang'] == 'en')) {
if($_GET['lang'] == 'fr') {
$_SESSION['lang'] = 'fr';
}
elseif($_GET['lang'] == 'en') {
$_SESSION['lang'] = 'en';
}
} else {
$_SESSION['lang'] = 'fr';
}
var_dump($_SESSION['lang']);
I found it !
My index.php file was encoded in UTF-8, i changed it to UTF-8 without BOM and it worked !
Really weird bug, I hope it will help someone ;)
My website has two languages: English and Russian. These languages' database names are EN and RU.
I use an old php+smarty script. This script's default language selection codes like this:
if(!isset($_SESSION)){
define('LANGUAGE_ID', 'EN');
} else if ($_SESSION['language'] == '')
{
define('LANGUAGE_ID', 'EN');
}
When I want to see a page in Russian, I visit any page with language phrase (?language=RU) like this:
http://www.example.com/index.php?language=RU
But these pages doesn't load in Russian firstly. When I clicked another link or refresh the page, then page loading in Russian. After saved the cookies, then I can see the pages in Russian when first visit. But If I delete the cookies in browser, then I couldn't see in Russian when first visit.
I tried lots of combinations but I couldn't find any solution. Do you have any idea?
Thank you very much...
Edit:
I found some codes in main.class.php:
function __construct($dbh,$smartyBuild) {
$this->dbh = $dbh;
$this->sitevar = #$smartyBuild->FetchSiteVar();
$this->smartybuild = #$smartyBuild;
if($_REQUEST['language'] !='')
{
$_SESSION['language'] = $_REQUEST['language'];
}
else
{
$langaugeAlready = mysql_fetch_array(mysql_query("select value from ".TABLE_PREFIX."sitevars where array_key = 'default_language_feed'"));
if($_SESSION['language'] == '')
{
$_SESSION['language'] = $langaugeAlready['value'];
}
}
if($_SESSION['language'] !='' )
{
define('LANGUAGE_ID', $_SESSION['language']);
}
else
{
define('LANGUAGE_ID', 'EN');
$_SESSION['language'] = 'EN';
}
}
Is the problem related with these codes?
Like I say, without all the code we are guessing a bit at what the problem is but, here goes...
It seems like you're only checking the $_SESSION variable for the language and not the $_GET variable (which gets the language from the URL). Therefore the value only changes after you refresh the page.
Try this. I am assuming your intention is to show English as a default and only Russian if it is defined in the url, but once defined to keep that language until it is put in the URL again.
//start a session. must be called first on all pages you want it to work on
session_start();
//first check if there's a new language coming from the URL
if(isset($_GET['language']))
{
// if we have a new language setting from the URL, check which one and save it in the session.
// we check it is EN or RO before saving into the session since I don't know what you're using it for later. eg part of a DB query which would be a security risk if it is anything other than EN or RO.
if($_GET['language'] == 'EN')
{
$_SESSION['language'] = 'EN';
}
if($_GET['language'] == 'RO')
{
$_SESSION['language'] = 'RO';
}
}
//now check the session variable, which will have been updated above if changed
if(isset($_SESSION['language']))
{
// already have a language saved, so let's use it
define('LANGUAGE_ID', $_SESSION['language']);
}
else
{
// no language from URL and no language saved, so default to english
define('LANGUAGE_ID', 'EN');
}
I'm aware that this topic has been covered before here on Stack, and I have looked at some answers, but I'm still a bit stuck, being fairly new to PHP. Every page on my website requires a login, and so users are redirected to a login page on page load. At the top of each page then I have:
<?
require("log.php");
include_once("config.php");
include_once("functions.php");
?>
This redirects the user to log.php (with new code added):
<?
session_name("MyLogin");
session_start();
if(isset($_SESSION['url']))
$url = $_SESSION['url']; // holds url for last page visited.
else
$url = "index.php"; // default page for
if($_GET['action'] == "login") {
$conn = mysql_connect("localhost","",""); // your MySQL connection data
$db = mysql_select_db(""); //put your database name in here
$name = $_POST['user'];
$q_user = mysql_query("SELECT * FROM users WHERE login='$name'");
if (!$q_user) {
die(mysql_error());
}
if(mysql_num_rows($q_user) == 1) {
$query = mysql_query("SELECT * FROM users WHERE login='$name'");
$data = mysql_fetch_array($query);
if($_POST['pwd'] == $data['password']) {
$_SESSION["name"] = $name;
header("Location: http://monthlymixup.com/$url"); // success page. put the URL you want
exit;
} else {
header("Location: login.php?login=failed&cause=".urlencode('Wrong Password'));
exit;
}
} else {
header("Location: login.php?login=failed&cause=".urlencode('Invalid User'));
exit;
}
}
// if the session is not registered
if(session_is_registered("name") == false) {
header("Location: login.php");
}
?>
The login form is contained in login.php. The code for login.pho relevant to the PHP/log.php is:
<?
session_start();
if($_GET['login'] == "failed") {
print $_GET['cause'];
}
?>
and
<form name="login_form" id="form" method="post" action="log.php?action=login">
The answer that I came across stated that I should add:
session_start(); // starts the session
$_SESSION['url'] = $_SERVER['REQUEST_URI'];
to the top of each page, which I did, at the top of the page (above "require("log.php");"), and then add:
if(isset($_SESSION['url']))
$url = $_SESSION['url']; // holds url for last page visited.
else
$url = "index.php"; // default page for
to my login page, and use the following URL for redirect on successful login:
header("Location: http://example.com/$url"); // perform correct redirect.
I am not 100% where the code which stores the referring URL should go, at the top of log.php or login.php.
I have tried adding it to both, but the login page is just looping once I have entered the username and password.
I wonder if someone could help me get this working?
Thanks,
Nick
It appears that I don't have the privilege to comment on your post, so I'll do the best that I can to answer. I apologize for all of the scenarios, I'm just doing the best I can to answer on a whim.
SCENARIO 1:
If you've truly not selected a database in your code, as demonstrated here, could that potentially be your issue? Please do note, that the code below, is the code you've posted.
$db = mysql_select_db(""); //put your database name in here
SCENARIO 2:
The code below is not something I've ever used in anything I've built, might I suggest that you try replacing that line of code with the line below it?
if(session_is_registered("name") == false) { // Current
if(isset($_SESSION['name']) == false) { // Potential Replacement
SCENARIO 3:
If you're logic for the following, exists on the login.php file as well... That could potentially be your problem. Upon visiting your site, I noticed your form appears on login.php, yet your logic is posting to log.php. I'm hoping this bit of code can help rule out that "jump", as login.php might be saving itself and overwriting the $_SESSION variable you've established
session_start(); // starts the session
$_SESSION['url'] = $_SERVER['REQUEST_URI'];
If it's too complex to take it out of the login.php file, if you even have it there, I've put together some code that you can use to create "internal" breadcrumbs, so you can go 2 pages back in your history.
if(!isset($_SESSION['internal_breadcrumbs']))
$_SESSION['internal_breadcrumbs'] = array();
$_SESSION['internal_breadcrumbs'][] = $_SERVER['REQUEST_URI'];
$max_breadcrumbs = 5;
while(count($_SESSION['internal_breadcrumbs']) > $max_breadcrumbs)
array_shift($_SESSION['internal_breadcrumbs']);
That will create an array with a max of $max_breadcrumbs elements, with your most recent page at the end, like the following
Array
(
[internal_breadcrumbs] => Array
(
[0] => /other_page.php
[1] => /other_page.php
[2] => /other_page.php
[3] => /user_page.php <-- desired page
[4] => /login.php <-- most recent page
)
)
So now... you can setup your url to be something more like the following...
// I'm doing - 2 to accommodate for zero indexing, to get 1 from the current page
if(isset($_SESSION['internal_breadcrumbs']))
$url = $_SESSION['internal_breadcrumbs'][count($_SESSION['internal_breadcrumbs']) - 2];
else
$url = "index.php"; // default page for
All the best, and I certainly hope this has helped in some way.
IN SCENARIO 4
From the client test the login/password which ajax XMLHttpRequest with javascript code to a dedicated script for validation (do it on mode https for secure)
If response is right send the login password to your script server.
Stips : Encoding password is better secure !
Using header() function it's a bad idea.
Manual specification say ;
Remember that header() must be called before any actual output is
sent, either by normal HTML tags, blank lines in a file, or from PHP.
It is a very common error to read code with include, or require,
functions, or another file access function, and have spaces or empty
lines that are output before header() is called. The same problem
exists when using a single PHP/HTML file.
So in your case, i suggest that to use cookies with an ID generate only for the session, at the first connection its generate, and the duration of the cookie maybe for only from 2 to 10 minutes.
Regenerate cookie each time the loging.PHP is called !
Have a nice day
On my site, forms are brought in via AJAX and checked against a sessionid. I know this is not optimal, but it's working for us. If the referrer doesn't have the session ID they are redirected back to "anotherpage". I need to allow some outside URL's access the form directly.
we set the sessionid on the page with the link to the form.
Here is what we have now on the form page:
<?php
$code = $_GET['sessionid'];
if(strcmp( $code , 'XXXXX' ) != 0) {
header("Location: http://www.domain.com/anotherpage.php");
}
?>
I need to allow some outside domains direct access to the form page and am having issues with this:
(I'm putting it above the head tag on the form page)
<?php
$code = $_GET['sessionid'];
$referrer = $_SERVER['HTTP_REFERER'];
if(strcmp( $code , 'XXXXX' ) !=0) {
header("Location: http://www.domain.com/anotherpage.php");
} else {
if (preg_match("/site1.com/",$referrer)) {
header('Location: http://www.domain.com/desiredpage.php');
}
}
?>
this still bounces me back to "anotherpage.php" any ideas?
********EDIT*******
thx for the help, it works ad I requested. Now I see what I asked wasn't entirely correct. This appends the URL with =sessionid?=XXXXX. This isn't an issue on my site because I'm loading the content with .jquery .load so the URL doesn't change. I don't want the sessionid to be visible, and now it is. Can I either a) "trim" the url somehow or b) separate the two functions so they are exclusive?
if(strcmp( $code , 'XXXXX' ) !=0) {
if (preg_match("/site1.com/",$referrer)) {
header('Location: http://www.domain.com/desiredpage.php');
} else {
header("Location: http://www.domain.com/anotherpage.php");
}
}
As I read your post, you want anyone from the preg_match to get the desired page regardless of sessionID status, so you don't want to test sessionID first.
Start the if block with the preg_match test.
Your first if is checking to see if they don't have the $code and redirecting them. This will always be the case. You should probably check the $referrer first and then do the $code check.
Try reverse if with else
<?php
$code = $_GET['sessionid'];
$referrer = $_SERVER['HTTP_REFERER'];
if (preg_match("/site1.com/", $referrer)) {
header('Location: http://www.domain.com/desiredpage.php');
} else if (strcmp( $code , 'XXXXX' ) != 0) {
header("Location: http://www.domain.com/anotherpage.php");
}
?>
If I'm not misunderstanding this, the problem is in the order in which you are checking things.
If you want to allow some referrers to access the site even if they don't have the session id, you have to check for that before checking for the session id. Otherwise, they will end up being treated just like everyone else.
You can either switch the order of the conditions (first check for the referrer and then check fo the session id) or check for the referrer inside the branch in which you already know the session id is not valid.
The issue could be in your regex, it should be:
if (preg_match("/site1\.com/",$referrer))
notice escaping the dot (.)
I want to create a URL redirect based on a URL variable.
so, if student%20gender (student gender) is male then go to www.one.com, if female, go to www.two.com.
couldn't figure this one out yet. any help?
Question could use a little bit of a better explanation. Do you mean that someone is going to
http://www.yoursite.com/yourscript.php?student%20gender=male and you want them to be redirected to http://www.one.com?
If this is the case, PHP has a built in variable known as $_GET which stores the values listed after a ? in a URL. So in the above example, we'd see:
$_GET['student gender'] = male;
You can use this to access any number of parameters separated by &
So the URL http://www.site.com/index.php?val1=a&val2=b&val3=c would give us:
$_GET['val1'] = a;
$_GET['val2'] = b;
$_GET['val3'] = c;
After this, to do a redirect in PHP the easiest way is to send a Location: header. This is done like so:
<?php
header("Location: www.newsite.com");
?>
Combining this with our $_GET variable and some simple logic:
<?php
if($_GET['student gender'] == 'male'){
header("Location: www.one.com");
die();
} else {
header("Location: www.two.com");
die();
}
?>
$var = $_GET['yourvar'];
if($var == 'one'){
header("Location: http://www.one.com/");
}else if ($var == 'two'){
header("Location: http://www.two.com/");
}
then do http://www.yoururl.com?yourvar=one
You also have to make sure you look at the security aspects here, the best way yo accomplish this is
$gender = isset($_REQUEST['gender']) ? $_REQUEST['gender'] : false;
switch($gender)
{
default: //The default action
//Send back to the gender select form
break;
case 'male':
//Send to male site!
break;
case 'female':
//Send to female site!
break;
}
This should be sufficient, but please never use $_X['?'] in functions that execute either shell or database queries without sanitation.
Note: _X being (GET,POST,REQUEST,FILES)