[thelist] header ("Location ...

kasimir-k kasimir.k.lists at gmail.com
Sat Feb 17 11:06:07 CST 2007


Bob Meetin scribeva in 17/02/2007 0:19:
> I have some php forms which I use for updating images and galleries.  
> When I delete an image I redirect to another page.  This works fine on 
> my windows pc in both Firefox and even in IE (bless its heart).  But on 
> my linux PC, it falters in both Firefox and Konqueror.  It seems to lose 
> the session (or something) and redirected my unauthorized page which 
> means that you need to login to use the utility. 
> 
> header ("Location: http://www.webserver.com/script.php");

My guess would be, that your cookie settings are different on your PCs
or that Windows and Linux browsers accept cookies differently.

When you set a cookie, you can also set it's domain, and if you don't,
then the domain of the request is used. If your request is for
http://example.com, and you redirect to http://www.example.com, then the
session cookie should not be read, as www.example.com is different domain.

To always have a correct domain in your Location header you could try this:
header("Location: " . $_SERVER["HTTP_HOST"] . "/script.php");

> I have a workaround.  I can do a chdir to get to the directory where the 
> script.php file lives, then:
> 
> chdir ("/home/whatever/www");

This chdir actually has no effect on the headers you send - it only sets
PHP's current directory, and the HTTP response sent to the browser knows
nothing about PHP's current directory.

> header ("Location: script.php");

And this is actually against the specs, which say that an absolute URI
should be used[0]. I guess that it actually works because browsers are
forgiving on this, and will default to your current domain.


.k


[0]http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30




More information about the thelist mailing list