Monitoring for postbacks with PHP? - php

I have a PHP page with content that my users can view. When this page receives a POST request from a certain external URL, I'd like to redirect the user to another page.
The problems I'm' having are:
How can I monitor the page for requests being sent in an efficient way?
How can I actually redirect them since header() doesn't work.
Thanks.

For the second question, header() will work if you use it before you output any information to the page. However, if you echo, print, or have HTML before it, it will give an error.
Edit: In response to Toad's comment, then you'd have to do as Aaron Harun suggested. Have the page save the $_POST data to the database or a file (make sure you sanitize it!), just like you would with any $_POST data. You would then need to use AJAX to get a response from a second PHP page that simply checks for the existence of updated data from wherever you saved it. If the response comes back true, then you redirect using a JavaScript redirect.
The only other way to do it without using AJAX would be to refresh the page using an HTML meta refresh element at timed intervals to check if $_POST data has been received. HTML would perform the refresh, PHP would do the checking, and you could use either for the redirect.

You can use an AJAX script to "ping" the server intermittently to see if there have been any changes. If there are, redirect the user with JavaScript.
It's pretty much the only way.

we can put this snippet to check the post request
if($_POST['flag']==1) {
header("location:newpage.php");
exit();
}
But If you want to check the request regularly without user interaction than you will have to use AJAX

Related

PHP redirection with post values

Is it possible to redirect user to external server without using:
header('Location:address.com?var=1');
or
HTML form with JS auto submit
Seems really simple but can't figure it out. I do not want to use GET, I would rather send it via headers/post if possible.
Making ajax request is slowing it down and I believe there should be some kind of solution in pure PHP.
CURL is not an option as I want to go to that link with posted data.
Cheers
You can do this using this method session_set_cookie_params(). It is used to transfer data from 1 url to another url using session. To get the result you have to write this function before every session_start().
session_set_cookie_param();
#session_start();

PHP - return the same page with changes

I have html page where you can insert some information and then submit this form, which will change information in database. I do it normally, that submit button call php file in server.
But what I want, is that this php file will return to me the same html page of which I sent request, with modified changes. e.g: there will be "Database update successfully" text added etc.
How can I do it without AJAX ?
Thanks
In the PHP file, do a call to the header() function to redirect the user. For example:
header('Location: url.php');
To change the content of that page they are redirected to, you could pass something in the URL that your page will check for. For example:
header('Location: url.php?submitted=1');
There are other ways to implement this, but this seems the most straightforward to me. Note that you don't want to call header() until the end of your submission page.
Use POST/REDIRECT/GET
Excerpt:
The user submits the form
This is pretty straight forward. The user completes the form and submits it by pressing the submit button or enter on their keyboard.
We store the form data in a session
After processing the data we discover an error so we need to redisplay the form with an error message but we also want to populate
it with their data so they don't have to refill the entire form just
to fix potentially one little mistake. So we store their data in a
session ($_SESSION). Session variables carry over from page-to-page
for as long as the session is valid or until they are deleted. This is
an ideal place to put their information since redirecting will cause
their information to be immediately discarded by the server.
We redirect the user back to the same page using a 303 redirect
Once we have saved the user's information in their session we need to redirect them back to the same page. In order for this to work
properly we need to use a 303 redirect. This means we need to send a
303 header with our redirect. A 303 redirect will cause the browser to
reload the page without the initial HTTP POST request to be
resubmitted. This includes when the user uses the back or refresh
buttons.
We re-populate the form using the data stored in the session
When the page is sent to the user we re-populate it with their information we saved in their session.
Only by generating the whole page in CGI first, unless you go through some horribly convoluted method of getting value of one of the fields to be set to document.innerHTML or something like that in Javascript. But you'll go through hell to get the quoting issues resolved. Use AJAX, it was created for precisely this purpose and exactly to avoid the utter hell associated with what you need.
Alternatively: the "modified piece" of the page may be an iframe, and you can set the target attribute of the form, so that the PHP returns only the iframe content.

Block direct access to PHP file except from AJAX request?

I wish to have a webpage that uses AJAX to access a PHP file in ./ajax/file.ajax.php
Trouble is, I don't want people to be able to type the address in their browser to access that PHP file directly.
Is there a way I can make it so that only AJAX requests can access the file?
Is there something I can check for in the PHP file to achieve this?
If you're using jQuery to make the XHR, it will set a custom header X-Requested-With. You can check for that and determine how to serve your response.
$isXhr = isset($_SERVER["HTTP_X_REQUESTED_WITH"])
AND strotlower($_SERVER["HTTP_X_REQUESTED_WITH"]) == "xmlhttprequest";
However, this is trivial to spoof. In the past, I've used this to decide whether to render a whole page (if not set) or a page fragment (if set, to be injected into current page).
If you're not using jQuery or you are not interested/you can't use custom headers (to go with what alex has offered), you may just simple POST some data with your Ajax request, and in that specific file check if that data has sent or not. If you send by GET it would be visible on the address bar, that's why I suggest POST.
<?php
if (empty($_POST['valid_ajax']))
header('Location: /');
?>
It's not solid as you can fool that with providing handmade data, however that's better than nothing if your problem is not that critical.

Avoid resending forms on php pages

Is there a way to avoid reprocessing forms when I refresh php pages? I'd like to prevent resending forms when refreshing links to php files with an insert function in them. For example, I am processing a series of notes written by users at the top of each page for a new note. Besides the obvious creating a separate php file with a header function is there another way to do it?
Use the Post-Redirect-Get Pattern.
Accept a Post request
Process the data
Issue a redirect response
Accept a Get request
Issue a 200 response
If you need to display data from the submitted stuff, then include a row id or similar in (for example) the query string of the URL you redirect to.
The best way would be to do a header("location: form.php"); call after you process the form. That would redirect you back to the form page, and if you refresh, the browser wont resend the form data.
Alternatively, you could check to see if you already processed the data received, but that would still give you the browser warning message that you are going to resend the data.
You might do both, just in case someone uses the back button and accidentally clicks Submit again.
Just set some flag when you process the form first time so you could check for it and abort reprocessing later on. Session variable or cookie will work fine.
You could put a nonce into the page that is only allowed to be used once so that if you see the same nonce come in you don't do the insert of the page.
I redirect users to a new page after processing of the form.
The form is a POST-request to do-something.php. I check the input data and if it validates I process the data and perform a redirect to do-something.php?somethingdone. So the user can hit F5 w/o resending the POST request.
I tried to use header("Location:..."), $_POST = array(), unset($_POST), but (idk why) they didn't work in my php page.
So, what I did, I just used
echo '< script>window.location.replace("http://.../this.php")</script>'
😂 it works very good! Maybe it is not a good idea, I am learning PHP for the 4th week.

POST in PHP AND redirect the user to that page?

I'm a bit confused. How do I POST data to a URL and then redirect the user's browser to that location - all in one operation?
I see
header('Location: page.php?' . http_build_query($_POST));
but that is GET, not POST and ppl think thats really bad practice - PHP open another webpage with POST data (why?)
My kludgy workflow involves setting up a form and then submitting it via javascript - anything has to be better than that...
I think I can do a set of header() stmts but this action happens for the user way after the page has been geenrated, so i dont think that would work
You cannot redirect POST requests. As simple as that. Any redirect will always turn into a GET request.
If you want to receive POST data, then send that data to another page, you have two choices:
if both pages are on the same server, use sessions to save the data server-side, don't make the client carry it over
if the destination is on another server and you need to send the client there together with the data, set up another intermediate form like you are
Use AJAX to save the data before you leave the page. Use the answer you get back to fire a redirection to the new url right within the current page. Don't be affraid of Javascript and ajax. Try this light AJAX library: http://www.openjs.com/scripts/jx/

Categories