SitePoint Sponsor

User Tag List

Results 1 to 7 of 7
  1. #1
    SitePoint Member
    Join Date
    Nov 2006
    Posts
    15
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question about redirecting with $_GET

    Hi there, I'm really a complete newbie as far as php goes, but here is my question, thanks in advance for any help.

    I'm attempting to use php to set up some redirect or jump links using the $_GET

    My question is regarding security issues, is the current code format I will be using secure or does it leave any vunerability issues to the server or script.

    Is the exit() enough or do I need to also use a bit of code to tell the script to report an error if anyone tries to input a variable other than the ones I have assigned a hard coded link for.

    Hope that makes sense, here is the type of coding I mean (below)

    PHP Code:
    <?php

    $name 
    $_GET['name'];

    if (
    $name == "aa") {$link "URL";}

    if (
    $name == "bb") {$link "DIFFERENT-URL";}

    if (
    $name == "cc") {$link "ANOTHER-URL";}

    header("Location: $link");

    exit()

    ?>

    Thanks again.

  2. #2
    SitePoint Addict
    Join Date
    Jul 2008
    Posts
    213
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    If you are hard coding the links then there wouldn't be any issue because $link is equal to what you say it is. You code also use if elseif statements instead of 3 separate if statements.

    The exit() stops the rest of the script from being executed. You just need to add the semicolon to the end of that line.

    PHP Code:
    $name $_GET['name'];
    if (
    $name == "aa") {
     
    $link "URL";
    } elseif (
    $name == "bb") {
     
    $link "DIFFERENT-URL";
    } elseif (
    $name == "cc") {
     
    $link "ANOTHER-URL";
    } else {
     print 
    "Invalid name";
     exit();
    }

    header("Location: ".$link);
    exit(); 

  3. #3
    SitePoint Member
    Join Date
    Nov 2006
    Posts
    15
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hello, thank you for your quick reply.

    So, is using elseif a more correct way of doing it instead of using separate if statements ?

    Out of interest, in the example I gave before, would it go through each if statement to check it and if it didnt find a matching $ just have skipped past the header Location part to exit ?

    Also I notice in your example you have for the header location part

    PHP Code:
    header("Location: ".$link); 
    which is diferent to how I had it in my example as

    PHP Code:
    header("Location: $link"); 
    Was mine the wrong way of doing it or is there a better advantage to doing it the way you suggest?

    Sorry for the newbieness of my questions but it would be cool if you or someone could explain the differences a little as to whats going on behind the code kind of thing.

    Thanks again.

  4. #4
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2008
    Posts
    5,757
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yes, elseif is more suitable here. This is because only one of the conditions can be true, so there's no sense to keep checking the other condtions after a match is found. However, when you have a bunch of elseif conditions which all are doing nearly the same thing by comparing the same variable to different values, a switch statement is ideal. http://www.php.net/switch

    There's also a handy way to to use an associative array to accomplish what you want as well. But, the end result is the same either way.

    As for
    PHP Code:
    header("Location: $link");
    // vs
    header("Location:" $link"); 
    They both work functionaly the same. Some people prefer to concatenate the variable as spiderling did, instead of embed it in the string like you did. It's less obvious that a variable is being used inside of a string unless you have a good syntax highlighter(few editors will highlight variables unless they're outside of a string). This forums syntax highlighting is a perfect example.

    I tend to prefer putting the variable inside the string like you did, but do it both ways depending on the situation.

  5. #5
    SitePoint Member
    Join Date
    Nov 2006
    Posts
    15
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks very much for that detailed explaination and thank you to both members who replied for taking the time to answer my question.

    I hadn't realised that using the if statement several times meant the script would keep checking the others even if it had already found a match on a previous line.

    I wonder, in my first example, if there was no match found at all would it have just ignored the header Location and jumped right to the
    PHP Code:
    exit(); 

  6. #6
    SitePoint Addict
    Join Date
    Jul 2008
    Posts
    213
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by ClintReno View Post
    I wonder, in my first example, if there was no match found at all would it have just ignored the header Location and jumped right to the
    PHP Code:
    exit(); 
    It does attempt the header call and since there is nothing to redirect to, it continues executing the code below, which would be the exit. And with the exit in place that stops any further code from being executed.

  7. #7
    SitePoint Member
    Join Date
    Apr 2009
    Posts
    3
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Avoid using too many double quotes because PHP interpreter has to parse those strings to find out variables inside.

    In this case you can write like below to get better performance:

    PHP Code:
    header('Location: ' $link); 
    Just small tip for newbie

    James.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •