header("Location: page.php") not redirecting

Hi all,

I have this in a template:

$redirect = "viewclient.php?id={$_REQUEST['id']}&foo=bar";
header("Location: $redirect");

Only, nothing happens when this code is executed. Nothing. It gets
completely ignored.

I even tried:

$redirect = "viewclient.php?id={$_REQUEST['id']}&foo=bar";
echo $redirect;
header("Location: $redirect");

to try and throw an error, but all that happens is the value of
$redirect gets sent to the screen and then rest of the page is
displayed. I know the code block is getting executed, but I have no
idea WHY the header() function is not doing its job.

Any thoughts? Please CC me on the post since I am on the digest.

Thanks

--- rogue <rogue@mail.rightcode.net> wrote:
> $redirect = "viewclient.php?id={$_REQUEST['id']}&foo=bar";
> header("Location: $redirect");
>
> Only, nothing happens when this code is executed.

I would try two things, in this order:

1. Use a full URL. A Location header is defined in the specification as
taking a full URL as an argument. You are using a relative one, which is
incorrect.

2. Replace your header call with an echo. Basically, rather than
header("Location: $redirect") use echo "Location: $redirect" instead. This
might reveal typos or other problems that are more difficult to inspect
when in the HTTP headers instead of the content.

Hope that helps.

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security Handbook
Coming mid-2004
HTTP Developer's Handbook
http://httphandbook.org/

* Thus wrote rogue (rogue@mail.rightcode.net):
>
> $redirect = "viewclient.php?id={$_REQUEST['id']}&foo=bar";
> header("Location: $redirect");
>
> Only, nothing happens when this code is executed. Nothing. It gets
> completely ignored.
>
> I even tried:
>
> $redirect = "viewclient.php?id={$_REQUEST['id']}&foo=bar";
> echo $redirect;
> header("Location: $redirect");

You're error_reporting is too low, set it to something like:
error_reporting(E_ALL);

before the header() call

Curt
--
If eval() is the answer, you're almost certainly asking the
wrong question. -- Rasmus Lerdorf, BDFL of PHP

Okay. I reworked the code a bit, but still no go.

Here is what I have:

$redirect = "http://" . $_SERVER['HTTP_HOST'] .
"/cm/clients/viewclient.php?id={$_REQUEST['id']}&foo=bar";
error_reporting(E_ALL);
echo "Location: $redirect";
header("Location: $redirect");

I get NO errors at all :(
It was my understanding that the only thing I needed to worry about
breaking this, would be if there was some output before the header().
There is not, but there are some variables getting set etc.

Anyone else think of anything?

Thanks

On Dec 1, 2003, at 4:48 PM, Chris Shiflett wrote:

> --- rogue <rogue@mail.rightcode.net> wrote:
>> $redirect = "viewclient.php?id={$_REQUEST['id']}&foo=bar";
>> header("Location: $redirect");
>>
>> Only, nothing happens when this code is executed.
>
> I would try two things, in this order:
>
> 1. Use a full URL. A Location header is defined in the specification as
> taking a full URL as an argument. You are using a relative one, which
> is
> incorrect.
>
> 2. Replace your header call with an echo. Basically, rather than
> header("Location: $redirect") use echo "Location: $redirect" instead.
> This
> might reveal typos or other problems that are more difficult to inspect
> when in the HTTP headers instead of the content.
>
> Hope that helps.
>
> Chris
>
> =====
> Chris Shiflett - http://shiflett.org/
>
> PHP Security Handbook
> Coming mid-2004
> HTTP Developer's Handbook
> http://httphandbook.org/

--- rogue <rogue@mail.rightcode.net> wrote:
> $redirect = "http://" . $_SERVER['HTTP_HOST'] .
> "/cm/clients/viewclient.php?id={$_REQUEST['id']}&foo=bar";
> error_reporting(E_ALL);
> echo "Location: $redirect";
> header("Location: $redirect");

I meant to try using a full URL first, then use echo if it still doesn't
work. :-) This shouldn't work as it is, because you have output prior to
your header call.

But, since you already tried this, what did the echo output? Did it look
correct? Comment that out, and see what happens.

Hope that helps.

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security Handbook
Coming mid-2004
HTTP Developer's Handbook
http://httphandbook.org/

Hi,

Tuesday, December 2, 2003, 7:17:58 AM, you wrote:
r> Hi all,

r> I have this in a template:

r> $redirect = "viewclient.php?id={$_REQUEST['id']}&foo=bar";
r> header("Location: $redirect");

r> Only, nothing happens when this code is executed. Nothing. It gets
r> completely ignored.

r> I even tried:

r> $redirect = "viewclient.php?id={$_REQUEST['id']}&foo=bar";
r> echo $redirect;
r> header("Location: $redirect");

r> to try and throw an error, but all that happens is the value of
r> $redirect gets sent to the screen and then rest of the page is
r> displayed. I know the code block is getting executed, but I have no
r> idea WHY the header() function is not doing its job.

r> Any thoughts? Please CC me on the post since I am on the digest.

r> Thanks


Try adding exit; after the header call.

--
regards,
Tom

hi again,

echo looks fine (no error in the URL). I am stumped. Is there anything
besides output to the screen before header() that breaks it?

thanks

On Dec 1, 2003, at 5:13 PM, Chris Shiflett wrote:

> --- rogue <rogue@mail.rightcode.net> wrote:
>> $redirect = "http://" . $_SERVER['HTTP_HOST'] .
>> "/cm/clients/viewclient.php?id={$_REQUEST['id']}&foo=bar";
>> error_reporting(E_ALL);
>> echo "Location: $redirect";
>> header("Location: $redirect");
>
> I meant to try using a full URL first, then use echo if it still
> doesn't
> work. :-) This shouldn't work as it is, because you have output prior
> to
> your header call.
>
> But, since you already tried this, what did the echo output? Did it
> look
> correct? Comment that out, and see what happens.
>
> Hope that helps.
>
> Chris
>
> =====
> Chris Shiflett - http://shiflett.org/
>
> PHP Security Handbook
> Coming mid-2004
> HTTP Developer's Handbook
> http://httphandbook.org/

--- rogue <rogue@mail.rightcode.net> wrote:
> echo looks fine (no error in the URL). I am stumped. Is there
> anything besides output to the screen before header() that breaks
> it?

I'm sure there are lots of things, but I can't think of why your code
would not work. You did remove the echo before trying again, right? Can
you show us the exact output of the echo call?

A more reliable way to see what is going on is to view the actual HTTP
response your script is generating. Do you have a way to examine this?
There is a Mozilla plugin that can show you the HTTP, and there is also
things such as ethereal which can sniff your network traffic. This would
show you whether the proper Location header is actually being sent in the
response.

I suspect it is not, as I'm not aware of any browser that doesn't handle
this header correctly.

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security Handbook
Coming mid-2004
HTTP Developer's Handbook
http://httphandbook.org/

* Thus wrote rogue (rogue@mail.rightcode.net):
> Okay. I reworked the code a bit, but still no go.
>
> Here is what I have:
>
> $redirect = "http://" . $_SERVER['HTTP_HOST'] .
> "/cm/clients/viewclient.php?id={$_REQUEST['id']}&foo=bar";
> error_reporting(E_ALL);
> echo "Location: $redirect";
> header("Location: $redirect");

hmm...
- add a ini_set('display_errors', true);
- check your logs, apache and php

That code is throwing an warning somewhere.

Curt
--
If eval() is the answer, you're almost certainly asking the
wrong question. -- Rasmus Lerdorf, BDFL of PHP

Hello rogue,

Monday, December 1, 2003, 10:39:02 PM, you wrote:

r> echo looks fine (no error in the URL). I am stumped. Is there anything
r> besides output to the screen before header() that breaks it?

Other than browser incompatibility, not usually.

You can use the following to determine if a header has been sent
without you perhaps realising it (an extra space before a PHP tag
perhaps)

<?
if (!headers_sent()) {
header ('Location: http://www.google.com/');
exit;
}
?>

Ideally you should exit after the header is finished.

--
Best regards,
Richard mailto:rich@launchcode.co.uk