[smeger]

Hello, PHP Gurus,

This problem is driving me nuts!

I've got script1.php that presents a form. The form's action tag sends the browser to script1.php again, using POST. The script validates the form entries, does some processing (without outputting anything), and then redirects to a new page.

This works great on everything but Windows Internet Explorer. IE gives a page-not-found error when I submit the form.

However, after trying it a few times, it begins to work, even if I clear IE's temporary files, set the caching so it'll check pages every time, and even reboot. But if I go to a different Windows box and try IE again, it'll fail.

The only ideas I've got at this point are vague thoughts about persistant connections and caching.

Please help save my hair!

Posting the code on this board didn't work well at all, so grab it here.

[Raman]

Originally posted by smeger:
Hello, PHP Gurus,

This problem is driving me nuts!

I've got script1.php that presents a form. The form's action tag sends the browser to script1.php again, using POST. The script validates the form entries, does some processing (without outputting anything), and then redirects to a new page.

This works great on everything but Windows Internet Explorer. IE gives a page-not-found error when I submit the form.

However, after trying it a few times, it begins to work, even if I clear IE's temporary files, set the caching so it'll check pages every time, and even reboot. But if I go to a different Windows box and try IE again, it'll fail.

The only ideas I've got at this point are vague thoughts about persistant connections and caching.

Please help save my hair!

Posting the code on this board didn't work well at all, so grab it here.

if (isset($returnedData)) {
if (isset($returnedData['Duplicate'])) {
Header("Location: duplicate.php");
exit();
}
else if (isset($returnedData['Processed'])) {
Header("Location: processed.php");
exit();
}
}
How about instead of setting the location to a relative URI, hows about trying an absolute one or programatically generating it? or hows about "./duplicate.php" and "./processed.php"?

While I'm on my soap box, why not use site-root urls? i see youre using templated - style design. so instead of figuring out where the include file is why not just put it in /includes/*.inc? this way you can reference

include ("/commonhead.inc");

from any page and it'll always work.. instead of trying to figure out if its ../../ or ../../../../ - get my drift?

finally, looking at the documentation at php.net I saw:

The second special case is the "Location:" header. Not only does it send this header back to the browser, but it also returns a REDIRECT (302) status code to the browser unless some 3xx status code has already been set.


header("Location: http://www.example.com/"); /* Redirect browser */
exit; /* Make sure that code below does
not get executed when we redirect. */




Note: HTTP/1.1 requires an absolute URI as argument to Location: including the scheme, hostname and absolute path, but some clients accept relative URIs. You can usually use $_SERVER['HTTP_HOST'], $_SERVER['PHP_SELF'] and dirname() to make an absolute URI from a relative one yourself:


header("Location: http://".$_SERVER['HTTP_HOST']
.dirname($_SERVER['PHP_SELF'])
."/".$relative_url);

----------------

looks like you might want to try the absolute uri after all....
hth.
-raman

[Raman]

BTW, unless you have your websever set to not parse and show me the contents of your *.inc files, i'd probably change the *.inc files to *.php or something - at least this way I'll get an error or something if I were to try and hack your site by trying to peek into your .inc files, which may be chock full of connection strings and other stuff.

This goes for any server side scripting language - make your include files not servable by the web server or change the extension to your server side language's extension at the very least.

-raman

[smeger]

Originally posted by Raman:

How about instead of setting the location to a relative URI, hows about trying an absolute one or programatically generating it? or hows about "./duplicate.php" and "./processed.php"?

I've tried this - no difference. My actual code uses absolute urls because of the php.net note you referenced. I just made 'em relative to simplify the code I posted.

It appears that my problem is being caused by an IE bug. More info is available here.

However, I'm not seeing an easy work-around. I can't use GET instead of POST for various reasons. Ideas?

While I'm on my soap box, why not use site-root urls? i see youre using templated - style design. so instead of figuring out where the include file is why not just put it in /includes/*.inc? this way you can reference

include ("/commonhead.inc");

from any page and it'll always work.. instead of trying to figure out if its ../../ or ../../../../ - get my drift?

This is a very good idea - I'll do this.

BTW, unless you have your websever set to not parse and show me the contents of your *.inc files, i'd probably change the *.inc files to *.php or something - at least this way I'll get an error or something if I were to try and hack your site by trying to peek into your .inc files, which may be chock full of connection strings and other stuff.

This goes for any server side scripting language - make your include files not servable by the web server or change the extension to your server side language's extension at the very least.

I've got my .htaccess set up to not serve .inc files. Unfortunately, I don't have access to anywhere outside of the document-root on the webhost. This bothers me.

I'm open for suggestions on this. I don't like relying on .htaccess for security.

Thanks very much for your help and good advice!

[smeger]

Just in case anyone else ever runs across this, it's caused by a long-standing bug in Windows versions of Internut Exploder. Documentation here.

It can be worked around by putting their fix into an .htaccess file.

And this was a bitch to debug, by the way!