Reputation: 114046
How do I prevent an included PHP script from changing the Location URL?
I'm including a PHP script that changes the URL.
// index.php
ob_start();
include "script.php";
// This script redirects using header("Location:");
$out = ob_get_clean();
// I use the $out data for calculations
echo $out;
Is there a simple way to counter or undo this unwanted redirect? How about:
header("Location: index.php"); // redirect back to self
But this causes an endless redirect loop... any ideas?
Or is there a way to strip out the header() calls from the $out buffer, preventing it from ever reaching the client?
Upvotes: 2
Views: 600
Answers (6)
Reputation: 179159
If you don't have PHP5.3 at your disposal (you probably don't), Gumbo's answer does not work and you don't want to use eval, then the only other option I can see, is the use of streams. This is however yet another, more flexible but complex, form of eval. Streams, combined with tokenizer, and you'll be able to get rid of that function call with a simple:
require 'no-header://script.php';
Upvotes: 1
Reputation: 13972
Since you have the complete text in a string before you output it, you can simple remove the headers you want with a search and replace (using a regex for example).
Upvotes: 0
Reputation: 179159
Just for future references. As of PHP 5.3 there's a new function called header_remove() which helps dealing with such situations.
Upvotes: 5
Reputation: 490423
What about including the file first as a variable with file_get_contents(), stripping out the unwanted headers and then running it with PHP code (I won't mention the evil word used to parse a PHP string as PHP code)?
Upvotes: 1
Reputation: 23216
There isn't really a good way to do that. Two things come to mind:
- Open script.php as a text file, strip out any header() commands and then eval() the result.
- Echo a space before you include script.php and then trap the warning that PHP generates about issuing a header() after the output has already started. You'd need to echo the space before your output buffering.
Upvotes: 2
Reputation: 655489
You could try to overwrite that header field with an invalid value, such as:
header('Location: ', true);
But I don’t know how the clients react on that.
Upvotes: 3
Related Questions
- How to avoid changing the address in the address bar in PHP
- How to stop PHP include() function from redirecting?
- PHP prevent changing url slug
- PHP page teleporting
- Redirection on direct access to PHP script
- PHP current location automatically change to REQUEST_URI
- PHP page redirects using location: from url parameter
- Javascript "window.location" stopping PHP redirect
- Disable redirection script
- URL path redirects to a single php file