Header and redirection problem

[williamZanelli]

Hi guys,

 

I have a form on my page, when its submitted, I want the same page to be updated with a thank you or error message, [after processing], so when the submit is clicked the following code runs..

 

if ($_POST["recaptcha_response_field"]) {
                $resp = recaptcha_check_answer ($privatekey,
                                                $_SERVER["REMOTE_ADDR"],
                                                $_POST["recaptcha_challenge_field"],
                                                $_POST["recaptcha_response_field"]);
                
                if ($resp->is_valid) {
                        echo "Succesfully verified that you are human.";
               			$successMsg = "Thank you for your query, a member of the footyfocus crew will be in touch soon! :-)";
		    		$main_smarty->assign('successMessageCaptcha', $successMsg);
					header("Location: ".$_SERVER['PHP_SELF']);

			} else {
			echo ("inside contact process5: ERROR");
                     // set the error code so that we can display it
					$errorMsg = "Error. Please re-enter the Captcha phrase.";
					$main_smarty->assign('errorMessageCaptcha', $errorMsg);

                header("Location: ".$_SERVER['PHP_SELF']);

			}

 

However, in this instance when I redirect to the same page, the echo messages are not present, any ideas?

 

Thanks in advance, Will

 

 

[alexweber15]

Will, I'm surprised you didn't get any header-related errors!

 

The problem is that you echo first and redirect after

 

So basically what happens is that its so fast that you won't see the echo at all.

 

If you are using Sessions, store the message in a session and then if the corresponding Session variable is set after reloading, echo the message.

 

If not, you could use GET to pass the message and it would be a similar implementation.

 

Example using GET for simplicity but I recommend Sessions instead.

 

// handles posts
if($_POST){
    // do all your stuff
    if( // condition met ){
       $message = 'thank you';
    }else{
        $message = 'you lose';
    }
    // do any other stuff before redirecting
    header("Location: ".$_SERVER['PHP_SELF']."?msg=".$message);
}elseif($_GET['msg']){
    echo $_GET['msg'];
}

 

havent tested but it should work and hopefully you get the idea!

 

Important: Using PHP_SELF can be dangerous when used as form action parameters *doesn't apply to your case specifically but always good to know anyway

 

Alex

[Maq]

Important: Using PHP_SELF can be dangerous when used as form action parameters *doesn't apply to your case specifically but always good to know anyway

 

Never knew about this, thanks for the link. 

[.josh]

do you have error reporting turned on? Because you are echoing stuff before a header call.  That should be giving you a "headers already sent" error.

[Maq]

ini_set ("display_errors", "1");
error_reporting(E_ALL);

[alexweber15]

i was thinking the same thing about headers but since Maq mentioned nothing about it i decided not to overcomplicate

 

anyway, did you get it to work Maq?

[williamZanelli]

Hey guys, thanks for the responses.

 

I got it working as stated by alexweber15  - well explained dude!

 

Prob now is, if the form has an error, such that I need to redo some fields, I end up looisng the data that had already been inputted.

 

Any ideas on how to deal with this?

 

Thanks for your help

 

William

[neromir]

Best way to do that might be with the session again, as already suggested with the error message.  Then you can just put the value back into your form fields like

 

<input type='text' name='someName' value='<?php echo $_SESSION['variableName'] ?>' />

[Maq]

i was thinking the same thing about headers but since Maq mentioned nothing about it i decided not to overcomplicate

 

anyway, did you get it to work Maq?

 

I think you mean williamZanelli, not me. 

[alexweber15]

i was thinking the same thing about headers but since Maq mentioned nothing about it i decided not to overcomplicate

 

anyway, did you get it to work Maq?

 

I think you mean williamZanelli, not me. 

 

yup!  my bad!  and just to complement neromir's explanation:

 

Best way to do that might be with the session again, as already suggested with the error message.  Then you can just put the value back into your form fields like

 

<input type='text' name='someName' value='<?php echo $_SESSION['variableName'] ?>' />

 

that's what it would look like in the 'output part' and in your POST handler you would save all user inputs to session variables:

 

// blabla
if($_POST){
foreach($_POST as $key => $val){
    $_SESSION['userInput'][$key] = $val;
}
// nothing else changes
}else{ ... }

 

again, excessive simplicity to get the message across but you really wanna be validating any and every thing that comes from a user input!   so maybe just add this:

 

$_SESSION['userInput'][$key] = clean($val);

 

and then define a function called clean() or use one of PHP's filter functions or something to avoid malicious code injections (especially if the data is going to a DB at some point) but anyway you get the picture right?