simple post redirect get code example

simple post redirect get code example  using -'php'

I have found many sites that describes PRG, but no simple PHP code example.

Here's what I implemented:

The form.php has an action: validate.php.
The validate.php is never seen by the user; if validates all $_GET and, if valid writes it to database and generates the HTML of a confirmation page / if not valid, it generates the HTML of an error page explaining what is wrong.
Whichever HTML is generated get stored in a $_SESSION variable and then validate.php calls header('Location: <as appropriate>);.
The submitted.php of invalid_input.php (in case the user reads the URL) consists only of echo $_SESSION['form_html'];.

That seems to me like protection against both page reload and back button problems.

Did I goof by trying to reinvent the wheel?

asked Sep 30, 2015 by sandeep bhadauria
0 votes

4 Answers

0 votes

Simplest scenario:

if ($_POST) {
   // Execute code (such as database updates) here.

   // Redirect to this page.
   header("Location: " . $_SERVER['REQUEST_URI']);

Use REQUEST_URI. Do not use PHP_SELF as in most CMS systems and frameworks PHP_SELF would refer to /index.php.

answered Sep 30, 2015 by dahiyabecomp
0 votes

A snippet of code:

if (count($_POST)) {
    // process the POST data
    // your code here- so for example to log a user in, register a new account..
    // ...make a payment...etc

    // redirect to the same page without the POST data, including any GET info you
    // want, you could add a clause to detect whether processing the post data has 
    // been successful or not, depending on your needs

    $get_info = "?status=success";

    // if not using rewrite
    // header("Location: ".$_SERVER['PHP_SELF'].$get_info);

    // if using apache rewrite
    header("Location: ".$_SERVER['REQUEST_URI'].$get_info);
answered Sep 30, 2015 by nimisha.jagtap
0 votes
   HTML form
    PHP app
  reads $_POST
sends 303 header
receives header
 redirected to
   new page
    PHP app
  reads $_GET
 does whatever

A common use is in login authentication. That's the process flow when user submits the login form. PHP app authenticates user via $_POST vars. Sends a 303 header back to browser when the user has successfully authenticated. So user is redirected to a new page.

answered Sep 30, 2015 by param.oncemore
0 votes



Callee.php (Is called twice.)

if ($_POST) {
    header("Location: ". $_SERVER['REQUEST_URI']. 'Query2'); 
    // PART1: Use $_POST and $_GET to execute database updates here...

    // Now any display (i.e. echo or print) will come after the header.
    // ...

   die;  // When done, GET 'myself' to execute PART2 below.

// PART2: Results page goes here...
echo 'PART 2 display output: '; var_dump($_GET);

Notice there are two query strings involved

Look what var_dump says about $_GET:

PART 2 display output: array(1) { ["Query1Query2"]=> string(0) "" } 

Issues with putting header at the end of the POST section like this:

header("Location: ". $_SERVER['REQUEST_URI']. 'Query2'); die;

The php manual says: "Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP. It is a very common error to read code with include, or require, functions, or another file access function, and have spaces or empty lines that are output before header() is called. The same problem exists when using a single PHP/HTML file."

However if you need to build 'Query2' based on what happens in the POST section, it may need to be at the bottom of the POST section. This is ok, so long as you don't try to insert any echo's above it, not even for testing.

answered Sep 30, 2015 by ankitarajoria4