Page 1 of 1

Header

Posted: Tue Feb 21, 2012 6:08 am
by YoussefSiblini
Hi guys,
what I want to achieve is:
Put 301 redirect from all pages of http://xxxx.com/ domain to corresponding pages of http://www.xxxxx.com/.

Code: Select all

<?php
    function currentPageURL() {
    $curpageURL = 'http';
    if ($_SERVER["HTTPS"] == "on") {$curpageURL.= "s";}
    $curpageURL.= "://";
    if ($_SERVER["SERVER_PORT"] != "80") {
    $curpageURL.= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
    } else {
    $curpageURL.= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
    }
    return $curpageURL;
    }

    $FullUrl = currentPageURL();
    if ($FullUrl = "http://xxx.com/")
	{
		Header( "HTTP/1.1 301 Moved Permanently" ); 
                Header( "Location: http://www.xxxx.com/" ); 
	}

?>

but I am getting this error in the page:
This web page has a redirect loop
The web page at http://www.xxx.com/ has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.
Here are some suggestions:
Reload this web page later.
Learn more about this problem.
Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects.

Youssef

Re: Header

Posted: Tue Feb 21, 2012 8:08 am
by Eric!
There are several fundamental problems here. This will only redirect if the user types in http://xxx.com/ If I type in http://xxx.com/index.html it won't work. You're probably redirecting multiple times because it is stuck in a loop detecting the xxx.com domain. Also, this script is open to XSS attacks.

You might be better off using mod_rewrite in .htaccess to handle this for you.

Re: Header

Posted: Tue Feb 21, 2012 8:41 am
by YoussefSiblini
Thank you for your reply,
I have no idea why it is stuck in a loop as if I just used:

Code: Select all

<?php 
 Header( "Location: http://www.xxx.com/" ); 
 exit();
?>
I get the same error.
About the .htaccess file I never used that file I am scared to change anything in it.

youssef

Re: Header

Posted: Tue Feb 21, 2012 8:45 am
by YoussefSiblini
If I used the header to a different url it works fine like this:

Code: Select all

<?php 
 Header( "Location: http://www.google.com/" ); 
 exit();
?>
But if use my website as the url I get that error.

Re: Header

Posted: Tue Feb 21, 2012 9:24 am
by YoussefSiblini
This is weird I just gave the url a variable and used that variable and every thing worked fine, like this:

Code: Select all

<?php
    function currentPageURL() {
    $curpageURL = 'http';
    if ($_SERVER["HTTPS"] == "on") {$curpageURL.= "s";}
    $curpageURL.= "://";
    if ($_SERVER["SERVER_PORT"] != "80") {
    $curpageURL.= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
    } else {
    $curpageURL.= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
    }
    return $curpageURL;
    }

    $FullUrl = currentPageURL();
    $url ="http://xxxx.com/";
    if ($FullUrl == $url)
        {
                Header( "HTTP/1.1 301 Moved Permanently" ); 
                Header( "Location: http://www.xxxx.com/" );  
				
        }
?>

Re: Header

Posted: Thu Feb 23, 2012 6:56 pm
by Eric!
That's because originally you were using a single "=" in your script. You fixed this accidentally when you put the variable in.

You shouldn't compare strings using the == in an IF statement with PHP. Try using either preg_match or one of the string comparison functions. PHP can do funny things during string comparisons, it's best to use a string function for that.

Also you still need to filter those $_SESSION variable to avoid your server from getting hijacked by an XSS attack.

And you need to figure out if your IF statement really is catching all the cases that you need to redirect.

Re: Header

Posted: Sat Feb 25, 2012 12:30 am
by YoussefSiblini
Thank you Eric,

I read more about what you said and I improved my code.
You are very useful :)

Youssef