The title of this question kind of explains my question. How do I redirect the PHP page visitor back to their previous page with the header( "Location: URL of previous page" );
Asked
Active
Viewed 4.8e+01k times
135
Web_Designer
- 72,308
- 93
- 206
- 262
-
header('Location: ' . $_SERVER['HTTP_REFERER']); – Apr 05 '20 at 15:28
-
According to this source https://www.w3schools.com/php/php_superglobals_server.asp, it's not reliable because not all vendors support it – mohadennis May 23 '20 at 09:23
7 Answers
284
try:
header('Location: ' . $_SERVER['HTTP_REFERER']);
Note that this may not work with secure pages (HTTPS) and it's a pretty bad idea overall as the header can be hijacked, sending the user to some other destination. The header may not even be sent by the browser.
Ideally, you will want to either:
- Append the return address to the request as a query variable (eg. ?back=/list)
- Define a return page in your code (ie. all successful form submissions redirect to the listing page)
- Provide the user the option of where they want to go next (eg. Save and continue editing or just Save)
Dimitry
- 6,545
- 2
- 20
- 21
-
22
-
3
-
@Pekka heck, just grep your access log for referers which doesn't start from "http://". And where would it take all these users? – Your Common Sense Mar 13 '11 at 10:52
-
2Using the referer, after prior testing whether it's set and valid, in a defined page-to-page context can be a perfectly acceptable practice - the vast majority of browsers sends a proper HTTP_REFERER along. – Pekka Mar 13 '11 at 11:08
-
1@Col I've use this in production when I had to get something done for a demo. As you can see from my answer, I provide three other solutions I would turn to instead of the redirection based on HTTP_REFERER. – Dimitry Mar 13 '11 at 16:00
-
1@Col I grepped three daily logs: Yesterday's, and from two days last year. I see nothing but empty ones, `-`, or `http://` URLs – Pekka Mar 13 '11 at 19:21
-
@Pekka empty referer will cause blank screen out from this code. – Your Common Sense Mar 13 '11 at 19:24
-
@Pekka I am tired of this. Go try it in real, with logging all improper referers. Then come back and we will continue – Your Common Sense Mar 13 '11 at 19:30
-
1@Col are you playing a joke with me? How many browsers do you know that suppress the referer? The OP is asking about a page on the same site. – Pekka Mar 13 '11 at 19:31
-
1@Col All I can find on the issue is [this](http://stackoverflow.com/questions/2668821/which-browsers-do-not-send-referer-information) and [this](http://en.wikipedia.org/wiki/Referrer#Referrer_hiding). Unless you can provide proof of a significant number of browsers that by default don't send referer information when switching from one page on the same domain to the other, I call bullshit. – Pekka Mar 13 '11 at 19:33
-
1@Pekka: I realize this is old news, but Chrome returns `favicon.ico` for `$_SERVER['HTTP_REFERER']` for me very frequently, so I have to agree that method is useless in the real world. – Wesley Murch Mar 12 '12 at 09:08
-
1@Madmartigan that sounds like an improperly set up redirection though. To my knowledge, HTTP_REFERER is not broken. – Pekka Mar 12 '12 at 09:13
-
@Pekka: favicons are a strange case though, the way they're loaded and cached (I still don't understand all the details). In fact, just putting one in your webroot without a reference to it in your HTML will load it in the browser tab. And, like I said for this case, just Google Chrome was doing it. `HTTP_REFERER` is not "broken", it just shouldn't be used for this. You can't assume it's the last "page" a user visited, could be any resource. I'm guessing that Chrome was fetching the icon more than it needed to or something. Not sure what you mean by "improperly set up redirection" – Wesley Murch Mar 12 '12 at 09:16
-
2@Madmartigan that sounds like really weird behaviour, the only hint I can see on the 'net causing it is some redirection problems. Anyway, I agree that using the referer is not the way if you need 100% safety – Pekka Mar 12 '12 at 10:23
27
Its so simple just use this
header("location:javascript://history.go(-1)");
Its working fine for me
Hammad
- 1,268
- 15
- 27
-
2This sounded really clever, but in FF10 I get `"Corrupted Content Error The page you are trying to view cannot be shown because an error in the data transmission was detected."` So this is basically unusable. – Wesley Murch Mar 12 '12 at 09:03
-
Wesley Murch, Its working fine for me in almost every major browser included the one you've mentioned. Its only work for you only in case you came to the page having something in history. – Hammad Jun 12 '12 at 07:17
-
6
20
Just a little addition:
I believe it's a common and known thing to add exit; after the header function in case we don't want the rest of the code to load or execute...
header('Location: ' . $_SERVER['HTTP_REFERER']);
exit;
6opko
- 1,718
- 2
- 20
- 28
17
You have to save that location somehow.
Say it's a POST form, just put the current location in a hidden field and then use it in the header() Location.
rybo111
- 12,240
- 4
- 61
- 70
Your Common Sense
- 156,878
- 40
- 214
- 345
3
Storing previous url in a session variable is bad, because the user might right click on multiple pages and then come back and save.
unless you save the previous url in the session variable to a hidden field in the form and after save header( "Location: save URL of calling page" );
rudy
- 311
- 3
- 14
1
I know this question focuses specifically on headers, but in case anyone would like to do it inside a button, this would suffice.
<button type="button" class="btn btn-default" onclick="javascript:history.go(-1)">Back</button>
chobela
- 305
- 3
- 5