html link with php header() redirection

Question

when I am redirecting with "a href .." to another page I lose all my SESSION variables. So I want to redirect only by using header() php function. How I can create a link that when the user use it redirects him to another page using header()? Thank you

here is my code: source page:

session_save_path("myrootdir/cgi-bin/tmp");
session_start();
....
$id = $_SESSION['id']; //session variable passed succesfully from log in page
$usr = $_SESSION['usr'];//by using header('sourcepage.php');
....
< a href='http://targetpage.php'>target< / a>

target page:

session_save_path("myrootdir/cgi-bin/tmp");
session_start();
...
if(isset($_SESSION['id']) && isset($_SESSION['usr'])) {
   echo "success";
}
else{
   echo "failed to pass";
}

I always get failed to pass!

UPDATE

now I have another strange issue...

$_SESSION['id']=$_POST['id'];
$_SESSION['usr']=$_POST['usr'];

if(isset($_SESSION['id']) && isset($_SESSION['usr'])) {
    $id = $_SESSION['id'];
    $usr = $_SESSION['usr'];
    $qry = mysql_query("SELECT * FROM members WHERE id = '". mysql_real_escape_string( $id ) ."' AND usr = '". mysql_real_escape_string( $usr ) ."'");
    echo "Welcome ".$usr;
    echo "Session id".session_id();
    if(mysql_num_rows($qry) != 1) { Destroy(); }
  } else { Destroy(); }

when I check if someone is logged in like this it works perfect in every page but when I remove the echo lines then it calls Destroy() function.

Answer 1

This method works only if you call "header" before any output to browser, including tags. So I supose it not the best idea to use "header".

If you losing SESSION variables, try to add some JavaScript that will create form whith vars you need inside inputs, and submit it to new page.

Is this redirection inside one domain?

UPDATE:

php code on current page:

echo '<input type="text" id="sessionID" style="display: none;" value="'.$_SESSION['id'].'">';
echo '<input type="text" id="sessionUri" style="display: none;" value="'.$_SESSION['usr'].'">';

JS code:

< a onclick="sendSessionVars()">target< / a>

<script>
    function sendSessionVars(){
        var body=document.getElementsByTagName('body')[0];
        var sessionId=document.getElementById('sessionID').value;
        var sessionUri=document.getElementById('sessionUri').value;
        var form=document.createElement('form');
        form.setAttribute('method','post');
        form.setAttribute('style','display:none');
        form.setAttribute('action','targetpage.php');
        body.appendChild(form);
        var id=document.createElement('input');
        id.setAttribute('type','hidden');
        id.setAttribute('name','id');
        id.setAttribute('value',sessionId);
        var usr=document.createElement('input');
        usr.setAttribute('type','hidden');
        usr.setAttribute('name','usr');
        usr.setAttribute('value',sessionUri);
        form.appendChild(id);
        form.appendChild(usr);
        form.submit();  
    }
</script>

on jQuery would be much less code, but it will work slower.

and php code on target page:

$_SESSION['id']=$_POST['id'];
$_SESSION['usr']=$_POST['usr'];

You can also post it to some vars. It's pretty straightforward way.

But you should not lose SESSION variables. Check is your session_start(); is ok.

Answer 2

use header("Location:some.php")

and putting header redirect before html tag is a good practice. You might want to reconstruct your website structure, if you find that it is below the html tag.

Answer 3

In php use it header('Location:page_name.php') But I prefer to use javascript cause you might headers problem using it alot So here is my javascript

       echo "<script>window.location='page.php'</script>";

Answer 4

header("Location: yourpage.php") try this