Page 1 of 1

problem with redirect in IE

Posted: Thu Dec 04, 2003 8:03 pm
by phoenixflight
I'm designing a secure website with a login page. The logic of the login page is as follows:


<?php
IF (ISSET($_GET['submit']) {
[start session]
[process login info.]
[if successful login, redirect to
next page in site]
}
?>

Code: Select all




In other words, process the page twice -- if not logged in yet, then give user opportunity to enter userid/password; if logged in, then redirect to next page.

PROBLEM:
Works fine in Mozilla 1.0.1 but, in IE 5.0, merely redisplays the same (login) page after userid/login entry, instead of redirecting (userid and login are blanked out).  (Same thing happens with Konqueror, as well.)

ASSUMPTION:
IE is punking out on my header redirect, therefore merely redisplaying the same page instead of proceeding to next page.

QUESTION:
Will the following code successfully redirect with IE 5.0?

<pre>
$header_string = "Location: http://myurl";
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Pragma: no-cache");
header("Cache-control: private");
header("Content-Type: text/html; charset=utf-8");
header($header_string);
</pre>

If you think I'm going about the login process wrong, I'd be glad to field those sorts of ideas, too.

One more thing.  I'm using GET method only because I'm testing the site on an unmanaged hosting site that doesn't allow POST.  So the userid and password are being displayed in the URL after the first pass through the login page, but only until I get managed hosting site setup (with root access).  Then I'll use POST.

Thanks for any help.

Redirecting

Posted: Fri Dec 05, 2003 3:30 am
by dyconsulting
1. Use this for redirecting:

Code: Select all

header("Location: next_page.php");
2. Make sure your <form>tag is closed</form>
3. Also check that submit button is within form tags

Posted: Fri Dec 05, 2003 8:52 am
by Bill H
This should work fine -- I use it frequently:
<?php
IF (ISSET($_GET['submit']) {
[start session]
[process login info.]
[if successful login, redirect to
next page in site]
}
?>
Did you use the exit command to keep the rest of the page from executing?

Code: Select all

<?php
if (!strcmp($Password, $Office))          // password is for office manager
{   header("Location:whatever.php");
     exit;
}
// code for login goes here, not execited if logged in
?>