Redirect to HTML input value from PHP

Question

So I want to create a simple result page that lets users download their results using the given code.

This is the script:

<form action="" method="post" >
    <input type="text" name="logincode">
    <input type="submit" name="send">
</form>

<?php
    $name = $_POST['logincode'];
    $filename = $name.'/'.$name.'pdf';  
    header('Location: ./'$filename'');
?>

The principle is when the user writes into the input field, for example (1234) and hits enter, it should redirect him to:

./1234/1234.pdf

I don't know where the mistake is in my code.

What goes wrong? From the looks of it, you'll need to put the `header()` command [before any output](https://stackoverflow.com/questions/8028957/how-to-fix-headers-already-sent-error-in-php). — showdev, Mar 15 '18 at 18:14

Lawrence Cherone · Answer 1 · 2018-03-15T18:44:48.597

Few issues,

Your header should be before anything else as @showdev mentioned in a comment.
You're missing a . between filename and extension
You also have a syntax error in the header trailing ''
And you should exit redirect headers.

You should also be checking your variables as you go, plus check the file exists, so you can show errors.

<?php
// check post request
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
   $errors = [];
   // check logincode is set and a number
   if (!isset($_POST['logincode']) || !is_numeric($_POST['logincode'])) {
       $errors['logincode'] = 'Invalid login code';
   } else {
       $name = $_POST['logincode'];

       // check file is found
       if (!file_exists($name.'/'.$name.'.pdf')) {
           $errors['logincode'] = 'Your results are not ready.';
       }

       // now check for empty errors
       if (empty($errors)) {
           exit(header('Location: ./'.$name.'/'.$name.'.pdf'));
       }
   }
}
?>

<form action="" method="post">
    <?= (!empty($errors['logincode']) ? $errors['logincode'] : '') ?>
    <input type="text" name="logincode">
    <input type="submit" name="send">
</form>

Jonas Borneland · Answer 2 · 2018-03-15T18:36:26.313

0

You are missing a “.” before pdf aren’t you?

And also wrong header('Location: ./'$filename'');

Try this :)

<?php
$name = $_POST['logincode'];

$filename = $name.'/'.$name.'.pdf';
header('Location: ./'.$filename);
?>

edited Mar 15 '18 at 18:36

answered Mar 15 '18 at 18:17

Jonas Borneland

383
1
6
19

thank you brothers but when i tried any of those codes it not redirect to the pdf file the page refresh that's it – walidz Mar 15 '18 at 20:46
Could it be that you need two dots to get back a folder like “Location: ../‘.$filename); ? – Jonas Borneland Mar 15 '18 at 20:54
no sir the folder is in the same script's folder so i sould use one dot i think the probem is on the submit button not works good – walidz Mar 15 '18 at 23:18

score 0 · Answer 3 · answered Mar 15 '18 at 18:36

0

It's very insecure code!

Major changes below:

write test for user input data TODO by you
change order PHP block code first, form (HTML) code next in snippet
add test is post request_method before any $_POST['...']; in snippet

add .(dot) before filename extension i $filename in snippet

    <?php
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $name = $_POST['logincode'];
        
        $filename = $name.'/'.$name.'.pdf';  
        header('Location: ./'$filename'');
    }

    ?>

    <form action="" method="post" >
    <input type="text" name="logincode">
    <input type="submit" name="send">
    </form>

answered Mar 15 '18 at 18:36

SlaWitDev

457
2
9

Whys it insecure? – Lawrence Cherone Mar 15 '18 at 18:41
It was about @walidz code (without any tests of user input data or http_request method) not yours. Your answer is great. We wrote answers in the same time. – SlaWitDev Mar 15 '18 at 18:56
thank you brothers but when i tried any of those codes it not redirect to the pdf file the page refresh that's it – walidz Mar 15 '18 at 20:46
It works. I'm sure. I've tested it again a moment ago Server Linux/Apache/php-7.1.13; browsers ffx / chrome / IE11 / MS Edge in all browsers works as expected, it means redirect to pdf file. – SlaWitDev Mar 15 '18 at 21:04
i dunnno why it not work , i'v tried on 000webhost and localhost and some other servers , always the same thing it not redirec to the pdf file it just refresh when iclick enter – walidz Mar 16 '18 at 08:57
Check if you have any sign (any space or other in script) before – SlaWitDev Mar 16 '18 at 09:22

Vinayak · Answer 4 · 2018-03-16T01:43:47.733

0

<form action="" method="post" >
<input type="text" name="logincode">
<input type="submit" name="send">
</form>

<?php
if($_POST){
$name = $_POST['logincode'];


$filename = $name.'/'.$name.'.pdf';

header('Location: ./'.$filename.'');
}
?>

edited Mar 16 '18 at 01:43

answered Mar 15 '18 at 18:40

Vinayak

151
1
7

thank you brothers but when i tried any of those codes it not redirect to the pdf file the page refresh that's it – walidz Mar 15 '18 at 19:49
@walidz I have edited it, will work now, working on my localhost btw. – Vinayak Mar 16 '18 at 01:44
when you fill the input with xxxx and hit enter it will be redirect to xxx/xxx.pdf ? are you sur sir ? i tried on 3 web hosting but its still not work – walidz Mar 16 '18 at 08:40
@walidz Yes it's working. Assume that your file url is localhost/location.php, enter xxxx and submit, it will go to localhost/xxxx/xxxx.pdf . If there is no file there, it will display an error. Be sure you have a file at the redirect location. – Vinayak Mar 16 '18 at 09:16
its okey sir yes you r right the error is the file extention of the script – walidz Mar 16 '18 at 19:14
its done sir yes you are right the error is the file extension of the script it was html now its php all done thank you sir – walidz Mar 16 '18 at 19:15
@walidz if my answer helped you kindly upvote it and check the tick next to it. – Vinayak Mar 16 '18 at 23:40

Redirect to HTML input value from PHP

4 Answers4