Software, your way.
How To Get Good Custom Software
(Download)
(PDF)
burger menu icon
WillMaster

WillMaster > LibraryWebsite Automation

FREE! Coding tips, tricks, and treasures.

Possibilities weekly ezine

Get the weekly email website developers read:

 

Your email address

name@example.com
YES! Send Possibilities every week!

How to Redirect With Method POST

Redirect a browser with method POST to a secure server if the data must be confidential.

Redirecting with data encoded as URL parameters (method GET) can be a problem when the data needs to be confidential — whether or not redirected to a secure server. Here's an example of data encoded as URL parameters: 

https://example.com/page.php?name=Will&password=Ouch

Even if the URL is to a secure server, the URL itself (including parameter information) isn't encrypted. Further, the parameter information is revealed in the browser's address bar.

Instead of method GET, redirect browsers with method POST so the data they carry along is not revealed with the URL.

This is the secret: Redirect with a self-submitting form.

Generate the form within your PHP script. Use JavaScript to submit the form.

The PHP function RedirectWithMethodPost() (source code further below), is called with the URL that would have been used if the redirect was the general GET redirect. Example: 

RedirectWithMethodPost("https://example.com/page.php?name=Will&password=NotOuch");

That function call causes a form to be created with JavaScript that automatically submits the data by method post, redirecting the browser in the process.

Note: To test if your data is sent as expected, the handy tool at the A Nice Data Dump article can be used.

This is the form RedirectWithMethodPost() creates when using the above example function call. (You don't have to do anything with this form. It's just for information. RedirectWithMethodPost() creates the form automatically and causes it to be submitted.) 

<form id='the-form' 
      method='post' 
      enctype='multipart/form-data' 
      action='https://example.com/page.php'>
<input type='hidden' name='name' value='Will'>
<input type='hidden' name='password' value='NotOuch'>
<p id="the-button" style="display:none;">
Click the button if page doesn't redirect within 3 seconds.
<br><input type="submit" value="Click this button">
</p>
</form>
<script type="text/javascript">
function DisplayButton()
{
   document.getElementById("the-button").style.display="block";
}
setTimeout(DisplayButton,3000);
document.getElementById("the-form").submit();
</script>

Okay, here's the RedirectWithMethodPost() function. Paste it into your PHP script for POST method redirect functionality. 

function RedirectWithMethodPost($dest)
{
   $url = $params = '';
   if( strpos($dest,'?') ) { list($url,$params) = explode('?',$dest,2); }
   else { $url = $dest; }
   echo "<form id='the-form' 
      method='post' 
      enctype='multipart/form-data' 
      action='$url'>\n";
   foreach( explode('&',$params) as $kv )
   {
      if( strpos($kv,'=') === false ) { continue; }
      list($k,$v) = explode('=',$kv,2);
      echo "<input type='hidden' name='$k' value='$v'>\n";
   }
   echo <<<ENDOFFORM
<p id="the-button" style="display:none;">
Click the button if page doesn't redirect within 3 seconds.
<br><input type="submit" value="Click this button">
</p>
</form>
<script type="text/javascript">
function DisplayButton()
{
   document.getElementById("the-button").style.display="block";
}
setTimeout(DisplayButton,3000);
document.getElementById("the-form").submit();
</script>
ENDOFFORM;
}

No customization is required in that function. Simply copy the source code and insert it into your PHP script, and you'll have the functionality available.

In your PHP script, call RedirectWithMethodPost() with this format: 

RedirectWithMethodPost("[-URL-]");

Replace [-URL-] with the correct URL and you're good to go. Example with replacement colored blue: 

RedirectWithMethodPost("https://example.com/page.php?name=Will&password=NotOuch");

The URL generally would have parameter data, but it isn't required — parameter data being the name=value information following a "?" character in the URL, as in the above example.

Put the function RedirectWithMethodPost() into your PHP script and call it as indicated above. That's all it takes to redirect a browser with method POST.

(This article first appeared in Possibilities ezine.)

Will Bontrager

Was this article helpful to you?
(anonymous form)

Support This Website

Some of our support is from people like you who see the value of all that's offered for FREE at this website.

"Yes, let me contribute."

Amount (USD):

Tap to Choose
Contribution
Method

All information in WillMaster Library articles is presented AS-IS.

We only suggest and recommend what we believe is of value. As remuneration for the time and research involved to provide quality links, we generally use affiliate links when we can. Whenever we link to something not our own, you should assume they are affiliate links or that we benefit in some way.

More "Website Automation" Articles

Daily Content for Many Websites

JavaScript Content Scheduler

End-of-Year Copyright Year Number Change

Other Recent Articles from the Library

Simple 2-Column Flex Code Generator

Preventing Line Breaks

Keeping Image Location Secret

Easier Reading of JSON Data

Fixed Position Image

How Can We Help You? balloons
How Can We Help You?
bullet Custom Programming
bullet Ready-Made Software
bullet Technical Support
bullet Possibilities Newsletter
bullet Website "How-To" Info
bullet Useful Information List

© 1998-2001 William and Mari Bontrager
© 2001-2011 Bontrager Connection, LLC
© 2011-2024 Will Bontrager Software LLC