PHP URL redirection not working as expected

Question

I am having a problem loading a fresh "thankyou.php" file after a form has been submitted. The form sends data to itself and if all the data passes validation it then proceeds to save them in the database.

The "thankyou.php" quite loads but the "signup.php" still remains and the output of both files remain in the same page. I want it on a fresh page but it won't work.

Here is my sanitation:

if ($_SERVER["REQUEST_METHOD"] == "POST")
{
if (empty($_POST["firstName"]))
{$Err[] = "* First Name is required";}
else
{
$name = test_input($_POST["firstName"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name))
  {
  $Err[] = "Only letters are allowed in First Name"; 
  }
}

if (empty($_POST["email"]))
{$Err[] = "* Email is required";}
else
{
$email = test_input($_POST["email"]);
// check if e-mail address syntax is valid
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email))
  {
  $Err[] = "Invalid email format"; 
  }
}   
}

And the form:

<div id = "signupform">

" > Email Address First Name

And database connection and insertion:

try {
  $conn = new PDO('mysql:host=localhost; dbname=mydb', 'root', ''); 
  $conn->setAttribute(PDO:: ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}

catch(PDOException $pe) { echo('Connection error, because: ' .$pe->getMessage()); }

//Insert data to Database if values are not empty and sanitized if (!empty($_POST["firstName"]) && !empty($_POST["email"])) { $qry = "INSERT INTO userdetails (email, firstName) values (?, ?)";

$q = $conn->prepare($qry) or die("ERROR: " . implode(":", $conn->errorInfo()));

$q->bindParam(1, $email);
$q->bindParam(2, $firstName);


try {
  if($q->execute()){
    header("Location: invoice.php");
    exit;
  }
  }
catch(PDOException $pe) {
  echo('Connection error, because: ' .$pe->getMessage());
}

}

And that's all but it is still not loading a fresh page.

What is the `test_input` function, I don't understand and it's nothing I've seen before. As in `$name = test_input($_POST["firstName"]);` — Funk Forty Niner, Oct 27 '13 at 05:26
Also where is your submit button in your form, are you sure that's the full code? — Funk Forty Niner, Oct 27 '13 at 05:29
I'm also suspecting this `action =""` try changing it to `action=""` and see what that does, just to test. — Funk Forty Niner, Oct 27 '13 at 05:31
It is just a function that passes its parameter through as in: function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } — , Oct 27 '13 at 05:31
@YaxMokwa and did you try using `action=""` instead of `action =""` ? — Funk Forty Niner, Oct 27 '13 at 05:37
The only reasons I can think of that your content shows from 2 pages can be either that, you have iframes, or frames. Also check if you have `base href` anywhere. I'm completely puzzled at this point and have no other solutions/suggestions to give you. — Funk Forty Niner, Oct 27 '13 at 05:46

score 0 · Answer 1 · answered Oct 27 '13 at 04:20

0

I think the problem is you are calling $q->execute() twice, try this:

try {
    if ($q->execute()){
        header("Location: thankyou.php");
        exit;
    }
} catch(PDOException $pe) {
    echo('Connection error, because: ' .$pe->getMessage());
}

answered Oct 27 '13 at 04:20

Tony Dinh

6,668
5
39
58

I did that but the problem is still the same. – Oct 27 '13 at 04:24
@YaxMokwa Did you try what I wrote in [my comment](http://stackoverflow.com/questions/19614565/php-url-redirection-problema#comment29117021_19614565) above? Using `if ($q){` instead of `if ($q->execute()){` – Funk Forty Niner Oct 27 '13 at 04:29
@YaxMokwa show me more of your code, where did you send your POST request to signup.php? – Tony Dinh Oct 27 '13 at 04:32
If I try that, will the thankyou.php not load regardless of error? – Oct 27 '13 at 04:33
@YaxMokwa It shouldn't. Try it. You would need to use an `else` condition also on error. – Funk Forty Niner Oct 27 '13 at 04:34
I tried it but I still get the same result. The two pages are still muddled up together in a page. – Oct 27 '13 at 04:37
@YaxMokwa I'm under the impression you're using an `include` or an `iframe` - header location should redirect to a new page. – Funk Forty Niner Oct 27 '13 at 04:38
@Fred-ii- I think you are get it wrong, we have no idea what is the `$q` vairable and what is its return, then `if ($q) {` makes no sense here. @Yax Mokwa: will you show up your code? – Tony Dinh Oct 27 '13 at 04:38
@TrungDQ After seeing the OP's [other question](http://stackoverflow.com/q/19573346/1415724) `$q = $conn->prepare($qry) or die("ERROR: " . implode(":", $conn->errorInfo()));` therefore if `$q` is successful, then it should execute. – Funk Forty Niner Oct 27 '13 at 04:40
@Fred-ii: I am not using either of those. Here is what I used:
– Oct 27 '13 at 04:48
@YaxMokwa It's very hard to tell without seeing your entire code including the form. You're not using Ajax by any chance, are you? – Funk Forty Niner Oct 27 '13 at 04:56
I need this solved so badly before I travel this morning but it is not working correctly. Let me post the code. – Oct 27 '13 at 05:01
I have update the question with the codes. Many thanks! @Fred-ii- – Oct 27 '13 at 05:21
I have update the question with the codes. Many thanks! @TrungDQ – Oct 27 '13 at 05:24
@YaxMokwa Please see new comments under your question instead, that I posted now. There are three. – Funk Forty Niner Oct 27 '13 at 05:32

score 0 · Answer 2 · edited Jun 10 '14 at 07:14

After more digging up and more understanding of what you are actually doing (the wrong way), I came up with my solution. Pretty much you need to make it so that the MySQL insert statements were a part of the error validation not stand-a-lone. If you look at my prior code the PDO statements had no real place in the code, it was just there.

However, if it is true that there are no $Err, it will run the insert script with a error check for that script. Then if it inserts correctly, it will then redirect the user to the next page.

For validation code, check with the submit button.

if(isset($_POST["submit"])){if (empty($_POST["firstName"])){$Err[] = "* First Name is required";}else{$name = test_input($_POST["firstName"]);if (!preg_match("/^[a-zA-Z ]*$/",$name))  {  $Err[] = "Only letters are allowed in First Name";   }}if (empty($_POST["email"])){$Err[] = "* Email is required";}else{$email = test_input($_POST["email"]);if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email)){  $Err[] = "Invalid email format";   }}   }

Validated error message:

if (empty($Err) === false) {
        echo '<h3>';
        foreach ($errors as $Err) {
            echo '<center><li>', $error, '</li></center>';
        }

        echo '< h3 >';
    }

Your HTML form should be like this:

<form method="post"  action ="echo $_SERVER['PHP_SELF'];"><table >        
<tr><td>Email Address < input type="text"  name="email" value="email" ></td>
</tr><tr valign="baseline"> 
  <td>First Name <br/>< input type="text" name="firstName" value="" ></td>
</tr>
<input type="submit" value="submit" name="submit">
</form>

Now the server-side query operation will execute with validated only:

try {
    $conn = new PDO('mysql:host=localhost; dbname=mydb', 'root', ''); 
    $conn->setAttribute(PDO:: ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}catch(PDOException $pe) {
    echo('Connection error, because: ' .$pe->getMessage());
}if (!empty($_POST["firstName"]) && !empty($_POST["email"])){
$qry = "INSERT INTO userdetails (email, firstName) values (?, ?)";
$q = $conn->prepare($qry) or die("ERROR: " . implode(":", $conn->errorInfo()));
$q->bindParam(1, $email);
$q->bindParam(2, $firstName);
try {
    if($q->execute()){

// You can use Two Way to Redire Server side Depending on version

       // http_redirect("invoice.php");
       //OR (Above & below any 1 line can be workout for you.
        header("Location: invoice.php");
        exit;
    }
    }
catch(PDOException $pe) {
    echo('Connection error, because: ' .$pe->getMessage());
}}

PHP URL redirection not working as expected

2 Answers2