harish harish - 4 years ago 121
PHP Question

header() not working in php when the url contains parameters?

So I'm using

to capture the URL to use it later but when I use
it wont redirect!

So here's my sample code:

php code:

include 'init.php';
$s = trim($_GET['s']);
$h = trim($_GET['h']);
$i = trim($_GET['i']);
$q = key_check($s,$h,$i);
if($q == 1)
if($q == 0)


key_check( ) function

function key_check($k1,$k2,$id)
$query = mysql_query("select key1 from users where user_id = '$id'");
$key1 =mysql_result($query,0);
$query = mysql_query("select key2 from users where user_id = '$id'");
$key2 =mysql_result($query,0);
if($y || $z == 0)
return 1;
return 0;

Now when I try this, I got "1" but I'm getting

This web page has a redirect loop

But my
doesn't have any redirects. It's just an html page.

Answer Source

The URL you're using to access to your script is:


This loads active.php, which does its role and then tries to send the following header :


The browser recieves this header, and tries to resolve that relative URL by adding password_active.php after the last slash before the query string (that ?s=xxx string).

So your browser loads:


This loads active.php again, which does its role again and then send again the same header, and that loads this page:


Again. And again. And again. After several tries, your browser understands that something is going wrong and stops.

You should use an absolute URL in your HTTP header:

header("Location: /project/password_active.php");

Also, please note how HTTP headers should be written, according to the standard.

Random notes :

  • According to the file names, $s and $h are both passwords. You should hash them, and not passing them via the URL.
  • if($y || $z == 0) is unlikely to work as you think, since it will be evaluated as if y or not z in pseudo code, while you may have wanted if not y and not z for password checking.

Also, good point for calling exit() after a Location header. You should never forget that, as it is very important and may cause some trouble in your scripts if you forget them.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download