I'm pretty sure this isn't possible and I need to set headers on login.php if $_GET['reason'] isset but can someone clarify that I can't set response code then change location?
header('HTTP/1.1 403 Forbidden');
header("Location: http://domain.com/login.php?reason=ipbanned");
Right, this is not possible. A "Location" header sets the HTTP response code to 302 Found (or another 3xx redirect code) and you can't send two response codes at a time.
Update:
The correct way to do what you want is to send the forbidden header on the redirected page, i.e. in login.php if $_GET['readon']=='ipbanned', not on the redirecting page.
Related
I need to go to a page which is forbidden without a custom header:
x: something
Is this possible? I don't want to get the content of the page (curl or file_get_contents()), I want to redirect there with a header set.
You can redirect the header like this.
header('Location: http://www.example.com/');
You can not output any html to the page before you use this. If you output any html the headers are automatically sent out before the output. (unless you have output buffering turned on). You can read more about this here.
http://php.net/manual/en/function.header.php
Also, if by forbidden you mean 403 Forbidden then you probably have incorrect file permissions set or certain apache configurations set.
if I validate html or register web in any serch engine, I get 302 error.
The reason is a header() function. If I take it away, everything is fine with 200 OK status.
So the main problem is that I need this redirection for web to be multilingual.
The logic is next. When user enters the web page for the first time index.php - require_once a file with a function:
function cookies() {
if (!isset($_COOKIE["lang"])){
setcookie('lang','ukr', time()+(60*60*24*31));
header('Location: index.php');
}}
cookies();
so the user sees a page already filed with a deafault language.
If there would be no redirection from require_once file the data from mysql won't be downloaded and user won't see any text.
The question: should I leave this with HTTP 302 or rebuild the whole site/logic not to have any redirects at index page???
302 is not an error. It is the status code for "Found" (aka "The document you asked for is over here"). PHP will insert this for you automatically if you add a Location header (unless insert a status manually, but you don't want a 301 here)
This is the expected response if you are telling people to go and get a different document based on their language preferences.
It is odd to redirect from index.php to index.php though. Presumably you should just return the appropriate document directly instead of redirecting.
I got it. It's actually pretty simple.
The validators don't accept cookies. So they get stuck in a an infinite loop.
You can test this:
delete all your cookies from your computer.
Disable cookies in your browser and try loading your website.
Whenever You use header("location: .... you will get a 302, it's a status and not an error, it's telling the browser that the site has redirected the page:
http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
Read those validators and engines and see if having the 302 is a problem for whatever you are trying to do, normally it shouldn't be.
A dirty way would be to force the header, personally I don't encourage this and don't know what side-effects could it have really, but it could be a quick workaround to trick those engines:
function cookies() {
if (!isset($_COOKIE["lang"])){
setcookie('lang','ukr', time()+(60*60*24*31));
header('Location: index.php');
header('HTTP/1.1 200 OK'); // <--- Forcing the header status
}}
cookies();
I havea code that should redirect in case it doesnt have some request parameter set correctly.
if(!is_numeric($_GET['id'])){
header("HTTP/1.0 404 Not Found");
header('Location: '.$url);
exit();
}
Problem is that whenever I check with Firefoxes plugin, live HTTP headers, I see 302 temporary redirect. why is that? why no 404 response is given?
It doesn't make sense to send a Location header with a 404 status code.
Location means "What you asked for is over here"
404 means "I don't have what you asked for"
The two statements are incompatible.
If you want to send a particular human readable explanation of the error, then just output it as you would for any other kind of document. You could include() it if you like. Don't try to redirect to it.
Problem is that whenever I check with Firefoxes plugin, live HTTP
headers, I see 302 temporary redirect. why is that? why no 404
response is given?
Not sure what you want to do here but following will provide your purpose.
if (! is_numeric($_GET['id'])) {
header('Location: ' . $url, true, 404);
exit();
}
You can only send ONE of the headers you are attempting as stated above.
In case of 404 - this will display the error relevant error pages as defined by you're web server config.
To do what you want... you will need to modify the server's 404 from a plain html to a php page and work out what to display from there (you can base on referrer etc).
From within the 'dynamic' 404 page, you can then do you're redirect if required.
This one should be easy...
Do I need to explicitly tell PHP that I want to do a 301 redirect? Like this...
<?php
header("HTTP/1.1 301 Moved Permanently");
header("Location: http://www.example.com/");
?>
Usually, I leave off the first statement and just do...
<?php
header("Location: http://www.example.com/");
?>
Would that second example actually be a 302 redirect?
Yes.
To quote the fine manual:
The second special case is the "Location:" header. Not only does it send this header back to the browser, but it also returns a REDIRECT (302) status code to the browser unless the 201 or a 3xx status code has already been set.
The most likely reason for this is that a 302 Found is a nonspecified-purpose redirect. There are four 3xx redirect headers that you can use.
301 Moved Permanently is a permanent redirect, e.g. for keeping compatibility with old URLs. As such, many browsers will cache the redirect location, and won't check again.
303 See Other is the redirect intended e.g. for a Post-Redirect-Get action - note that it's only defined as of HTTP/1.1
307 Temporary Redirect means "yeah, it's usually here, but right now, the resource is somewhere else" - that may not be the meaning you want: e.g. you always want to redirect at this point. Again, defined in HTTP/1.1
Finally, 302 Found is a unspecified-purpose redirect - to be used when the above aren't applicable, or when HTTP/1.0 compatibility is desired (is that still a concern in 2011?); as such, it is used as the default.
I am trying to redirect a page using HTTP 410 status using php header function as
header("HTTP/1.1 410 Gone");
header('Location: http://domain.com/down.php');
exit;
The problem is that even if I set a 410 status code...the status code will automatically change to 302
I have also tried with
header('Location: domain.com/down.php', true, 410);
exit;
It shows 410 redirection but the redirected page does not show anything. It shows a blank page.
Does anybody know if there is a solution for this?
The 410 error indicates that the Web server has no forwarding address for the URL, so can provide no redirection to the new Web server. So the blank page you got using the second snippet is correct.
The first code snippet also gives the correct result - Location creates a redirect to a given address.
So there is no errors in your code or in PHP. I'm not sure you do what you realy need =)
header('Location: http://domain.com/down.php', true, 410);
exit;
Should works. You forgot about protocol in URL.
Besides, AFAIU, Yo can use
header('Location: 'http://domain.com/'down.php');
header("HTTP/1.1 410 Gone");
exit;
But Are you sure you need Redirect and 4xx HTTP status?
The last header line is a correct way to set the status code:
header('Location: domain.com/down.php', true, 410);
However, the Location header name requires a fully qualified URL, your URL looks incomplete. That's not valid.
Next to that you don't send any HTTP response body, so the browser can only display a blank page. To display a non-blank page, provide a response body:
header('Location: http://domain.com/down.php', true, 410);
echo '<h1>Gone.</h1>here.';
exit;
Providing a response body is useful, because user-agents do not need to follow Location headers automatically, especially as with the 410 response code RFC 2616, no response header named Location is expected by a HTTP client.
Maybe you're looking for 301 Moved Permanently.
Try to use some proper quotes?
header("HTTP/1.1 410 Gone");
header("Location: http://domain.com/down.php");
exit;
You have to include the error page :
header("HTTP/1.0 410 Gone"); include_once("410.html"); exit();