Redirect and $_SERVER['Request_URI']

[WeakestLink]

I am trying to allow a redirect after logging in which is great when I have one variable.

On Page1.php I have

PHP Code:

if ($_SESSION['loggedin'] != yes)

{

header("Location:LogIn.php?r=".$_SERVER['REQUEST_URI']);

} 

On the Login.php Page

PHP Code:

...

if ($SuccessfulLogin && isset($_GET['r']))

{

header("Location:".$_GET['r'])

} 

Ignore any typos. The Redirect Works Great except when more the one Variable is in the URL

ex. Page1.php?val1=1&val2=1

It will redirect me to Page1.php?val=1

Obvious when I am redirected to the login it's not copying correctly

Login.php?r=/page1.php?val1=Page1.php?val1=1&val2=1

$_GET['r'] is equal to /page1.php?val1=Page1.php?val1 The & is starting another Variable.

Any suggestions on this?

[php_daemon]

PHP Code:

if ($_SESSION['loggedin'] != yes)

{

header("Location:LogIn.php?r=".urlencode($_SERVER['REQUEST_URI']));

} 

[clamcrusher]

dont forget to call exit(); after sending a redirect header unless you want your script to continue executing.

[stereofrog]

Quote:

Originally Posted by WeakestLink

header("Location:".$_GET['r'])

This code is questionable for two reasons.

Redirect to a relative url is a violation of the HTTP standard which states you must use only absolute urls (starting with protocol and host name).

Direct ouputting unfiltered user input is always a security concern. You should at least validate request parameter to make sure it is really what you expect it to be.