NYCPHP Meetup

NYPHP.org

[nycphp-talk] back button, page timeout, sessions

Nunez, Eddy enunez at tiaa-cref.org
Fri Jan 30 14:59:01 EST 2004 

> The intermediate "page" generates no output and has:
>
> header('Location: http://newurl/');

This means you need to transfer any form data via the
redirected link, essentially turning a POST into a GET. no?

-EAN

-----Original Message-----
From: Chris Shiflett [mailto:shiflett at php.net]
Sent: Friday, January 30, 2004 2:52 PM
To: NYPHP Talk
Subject: RE: [nycphp-talk] back button, page timeout, sessions


--- "Nunez, Eddy" <enunez at tiaa-cref.org> wrote:
> > The most common approach is to use an intermediate page for
> > processing, so that the POST request does not exist in the browser's
> > history mechanism.
> 
> Does this mean that the intermediate page processes and generates an
> output file (or something) to redirect the user to?

The intermediate "page" generates no output and has:

header('Location: http://newurl/');

> It makes sense to me, but would there be a better way than generating
> a temporary results page?

Yes, I think the better solution is to find the Cache-Control directives
that are best for your situation. In most every case, you can eliminate
whatever behavior you dislike this way. However, using an intermediate
page is more common, because it is easier to implement, and it is more
reliable (it doesn't rely as much on browser interpretation).

Hope that helps.

Chris

=====
Chris Shiflett - http://shiflett.org/

PHP Security Handbook
     Coming mid-2004
HTTP Developer's Handbook
     http://httphandbook.org/
_______________________________________________
talk mailing list
talk at lists.nyphp.org
http://lists.nyphp.org/mailman/listinfo/talk


**************************************************************
This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is protected by law.  If you are not the intended recipient, please contact sender immediately by reply e-mail and destroy all copies.  You are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited.
TIAA-CREF
**************************************************************

More information about the talk mailing list