Redirect to HTML input value from PHP

Question

So I want to create a simple result page that lets users download their results using the given code.

This is the script:

<form action="" method="post" >
    <input type="text" name="logincode">
    <input type="submit" name="send">
</form>

<?php
    $name = $_POST['logincode'];
    $filename = $name.'/'.$name.'pdf';  
    header('Location: ./'$filename'');
?>

The principle is when the user writes into the input field, for example (1234) and hits enter, it should redirect him to:

./1234/1234.pdf

I don't know where the mistake is in my code.

Answer 1

<form action="" method="post" >
<input type="text" name="logincode">
<input type="submit" name="send">
</form>

<?php
if($_POST){
$name = $_POST['logincode'];


$filename = $name.'/'.$name.'.pdf';

header('Location: ./'.$filename.'');
}
?>

Answer 2

Few issues,

• Your header should be before anything else as @showdev mentioned in a comment.
• You're missing a . between filename and extension
• You also have a syntax error in the header trailing ''
• And you should exit redirect headers.

You should also be checking your variables as you go, plus check the file exists, so you can show errors.

<?php
// check post request
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
   $errors = [];
   // check logincode is set and a number
   if (!isset($_POST['logincode']) || !is_numeric($_POST['logincode'])) {
       $errors['logincode'] = 'Invalid login code';
   } else {
       $name = $_POST['logincode'];

       // check file is found
       if (!file_exists($name.'/'.$name.'.pdf')) {
           $errors['logincode'] = 'Your results are not ready.';
       }

       // now check for empty errors
       if (empty($errors)) {
           exit(header('Location: ./'.$name.'/'.$name.'.pdf'));
       }
   }
}
?>

<form action="" method="post">
    <?= (!empty($errors['logincode']) ? $errors['logincode'] : '') ?>
    <input type="text" name="logincode">
    <input type="submit" name="send">
</form>

Answer 3

It's very insecure code!

Major changes below:

• write test for user input data TODO by you
• change order PHP block code first, form (HTML) code next in snippet
• add test is post request_method before any $_POST['...']; in snippet

• add .(dot) before filename extension i $filename in snippet

      <?php
      if ($_SERVER['REQUEST_METHOD'] === 'POST') {
          $name = $_POST['logincode'];
          
          $filename = $name.'/'.$name.'.pdf';  
          header('Location: ./'$filename'');
      }
  
      ?>
  
      <form action="" method="post" >
      <input type="text" name="logincode">
      <input type="submit" name="send">
      </form>

Answer 4

You are missing a “.” before pdf aren’t you?

And also wrong header('Location: ./'$filename'');

Try this :)

<?php
$name = $_POST['logincode'];

$filename = $name.'/'.$name.'.pdf';
header('Location: ./'.$filename);
?>