using variable as part of URL redirect

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
smotta
Forum Newbie
Posts: 1
Joined: Mon Aug 27, 2007 4:37 pm

using variable as part of URL redirect

Post by smotta »

Hi All,

I am trying to use a variable entered by the user on a form - $username, that is posted to a .php script that is supposed to redirect them to their own individual directory. the problem is that when i write


header( 'Location: http://www.mydomain.com/$username' ) ;

It says "www.mydomain.com/$username" does not exist.

How do i get the script to distinguish that i want it to put the user defined variable in there instead?

Thanks in advance!

-Sean
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

Use double quotes instead of single quotes.

EDIT| Use http://, too.
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
User avatar
Kieran Huggins
DevNet Master
Posts: 3635
Joined: Wed Dec 06, 2006 4:14 pm
Location: Toronto, Canada
Contact:

Post by Kieran Huggins »

also, register globals is probably off (or it should be!) o use $_POST['username'] if you aren't already. just be sure to validate the data first.
User avatar
xpgeek
Forum Contributor
Posts: 146
Joined: Mon May 22, 2006 1:45 am
Location: Kyiv, Ukraine
Contact:

Post by xpgeek »

post it not as path, but as parameter

Code: Select all

header( "Location: http://www.mydomain.com/?user=$username'") ;
and get it as $_GET['user'] on destination php script.
User avatar
shiznatix
DevNet Master
Posts: 2745
Joined: Tue Dec 28, 2004 5:57 pm
Location: Tallinn, Estonia
Contact:

Post by shiznatix »

xpgeek wrote:post it not as path, but as parameter

Code: Select all

header( "Location: http://www.mydomain.com/?user=$username'") ;
and get it as $_GET['user'] on destination php script.
unless he is using mod_rewrite or has sub directorys for each user
Steve Mellor
Forum Commoner
Posts: 49
Joined: Thu Aug 02, 2007 8:18 am

Post by Steve Mellor »

xpgeek wrote:post it not as path, but as parameter...
That's what I thought when I first read the post but I don't think that's actually what is being asked. It appears he has a directory set up (we will assume already created) that has the username. Lets say the username is 'badger' for this example.

He wants to link to the directory "www.site.com/badger" and he has a post variable that is set to the username. So the code needs to be:

Code: Select all

header( "Location: http://www.mydomain.com/$_POST['username']'") ;
Of course that's without checking the POST variable first which is always advisable.[/quote]
Bon Bon
Forum Commoner
Posts: 66
Joined: Sat Mar 13, 2004 10:21 pm
Location: UK

Post by Bon Bon »

The majority of posts are suggesting that he modifies his code so that people can crack into his website.

I am asumuing he has already done some sort of sanitisation on the $username so the following will do him just fine:

Code: Select all

header("Location: http://www.mydomain.com/$username");
After all, that is all he was asking.
Steve Mellor
Forum Commoner
Posts: 49
Joined: Thu Aug 02, 2007 8:18 am

Post by Steve Mellor »

Bon Bon wrote:I am asumuing he has already done some sort of sanitisation on the $username...
I didn't assume anything. I know that when I am trying to get something to work I am only worried about how it works and then I can worry about security when I understand it. You are right though. Without some form of processing or checking then the code on its own is not safe at all.
Post Reply