If you go to PBS.org's home page, you will notice a drop down menu called "Explore" that lets you navigate to different areas of the web site. Drop down menu navigation like this is popular because it lets you add a lot of navigation options, without taking up much space. Most sites wouldn't use PHP to do this, but one way to replicate this with PHP is to setup an HTML form somewhere on your page and have it pass the site's URL to a PHP page when you submit it. For example:
Then have the PHP file jump.php use basic redirection to send them to the right page. Something like this:
<?php
$url = $_POST["url"];
header("Location: $url");
?>
<form action="jump.php" method="post">
<select name=url>
<option value="http://php.about.com">About PHP</option>
<option value="http://www.identity.st">Identity</option>
</select>
<input type="submit" value="Go">
</form>
Then have the PHP file jump.php use basic redirection to send them to the right page. Something like this:
<?php
$url = $_POST["url"];
header("Location: $url");
?>
Sweet stuff, thanks ! i tried to do this myself but i’m not very skilled at php so i got stuck. This works perfectly
This is a bad idea. This script is wide open for abuse, letting 3rd parties use your site to redirect users to anywhere on the internet.
At minimum, you should check the $_SERVER['HTTP_REFERER'] to make sure the POST is coming from your site, but even that can be spoofed since it is information supplied by the client.
A better way would be to hard-code the redirect URLs in the PHP script itself, and have the form POST tokens to the script. The script would know what the tokens meant, and which redirect URL to use.
I’m sorry you don’t like the idea Dave. This was meant to be a simple solution for people learning PHP. While more security could be built into it if the programmer felt the need, I think this conveys the basic idea of how to do the menu. Like all of our learning scripts, we encourage people to build upon this base to fit their needs and to improve them as they learn more PHP.
This allows the link to open up in the same window. What would I need to do to allow it to work in a new window?
How would i do it without a drop down menu but rather an input type text field where the user inputs a certain value and it redirects to a certain page on the site. And if they type something different it goes to a different part on the site?
Thanks for this information. I searched for this code all over the net. It was too complicated for me to understand. Then I found you! THANKS!!
you can send a variable back to the same page and write an if statement that included the file or redirect based on the variable. Is this possible?
Hello, your tutorial is too simple and very interesting. I found it usefull and easiest way on how to use a DropDown list. Thanks you, and I am sorry for my poor english.
sir/madam who is suppose to answer php problem plz give me u id i need help for php as my skills are very week but i am working on project plz do help me out
thanks
To open it in a new window, just add the attribute for the form element, target=”_blank”
it looks like this
php site
site
sorry this webpage is not allowing me to enter the complete html code for the form.
so
the code after adding it to form is like this
Very simple idea, will try it out and report back on what happens.
This was such a great help! I was trying to do something else (make a contact form that takes you to a thank you page at the end) but because you boiled it down so simply I was able to figure it out. Thank you SO MUCH!
Sorry – the stupid flashing ad telling me I’d won something just put me off.
Didn’t read any further…
For the page itself redirecting you to another page, you can put something like this. I’m writing the algorithm, and not the code itself since I’m guessing the web application wouldn’t allow me to. So here it is:
Before the HTML tag, put this:
if $_post['url'] exists //can do this with the isset() function.
header(…);
Then open the HTML tag and so on.
Good luck!
P.S. I have just started learning PHP for two days, so correct me if I’m wrong.
This is a great approach. I have a pulldown list where I want to select and pass a record ID to a specific URL, which uses that ID to SELECT data for its own form. Since this (target) file’s form’s action is $_SERVER["PHP_SELF"], I couldn’t use the (target) filename as the ACTION in my pulldown file (wrong $_POST variables). So I’m taking your generalized jump file and concatenating the target file’s URL with an integer value from the pull down list e.g.: “myfile.php?var=N” and passing my record ID for the SELECT in that way. I am still interested in some more elaboration on security implications and alternative ways to go from pulldown lists to other files ! THanx !
Reply @ (2) comment:
This is not unsecure. The “abuse” you refer too is just people using the redirect for their own websites, which poses no threat on website security, just possible abuse of bandwith, nothing else. To prevent it you can just include a check for “http://” on $_POST['URL'], avoiding redirects to external websites, which would null the point of using it in 3rd party sites.
Once again, it still poses no security threat as most of the simpler solutions never do.
The simpler the code, the safer it is.
I wanted to have that without javascritpt – now I have it.
Thx a lot!
Regards, setarkos
how to learn php if easy way to learn any idiya for this plz inform me very effectiveness
This is very good script for PHP beginners.
Referring to Comments 2 & 18…
FIlipe is correct; the only user a potential hacker would be able to redirect to a page other than the ones specified, would be him or herself! Now if the user were generating the form dropdown values for OTHER users to click on, that could pose a problem. Otherwise, Dave might be confusing header redirects (where a user can be directed only to a web-accessible directory or site) with file includes (where a user can include and therefore view any file on the server). You would not want to use the above technique for file includes without checking the user-submitted value thoroughly. Ideally you would map such values to a desired directory, and strip out all characters which could be used to access directories outside that directory. I use the following technique:
<?php
// Strip offending characters from string
$clean_path = str_replace(‘../’,”,trim(trim($user_submitted_path,’/')));
// Map string to given directory
$file = ‘./path/to/directory/’.$clean_path;
if (is_file($file)) {
// Do something if it’s a valid file…
} else {
// Do something if it’s NOT a valid file…
}
?>
thanks for the tutorial…
it give me some ideas…
Great post. You seem to have a good understanding that how to create a professional drop down menu. When I entering your blog, I felt this. Come on and keep writing your blog will be more attractive. To Your Success!
With reference to security, test for possible sites and if no matching site, goto to default site.
Finally, I found someone’s page who had the code I needed!
Thanks Angela!
Thanks, was most helpful
Simple Fabolous !
Thanks for your personal amazing posting
Thanks Angel. This is very nice stuff.
nice stuff…..this is really good. i just read this and got lot’s more info regarding php. thanks dude..
I see that this in a way could be abused by other people. A simple way to improve the security on it is very simply to give each option tag a number or an ID instead of an URL, then make PHP in the other file decide by that ID what URL to use. I understand that beginners care little about security, but it’s a good habit to not let the user throw any string into the PHP-code.
inside first file: (note that the urls are exchanged with IDs)
About PHP
Identity
The Guardian
YouTube
inside jump.php:
“http://php.about.com”,
2 => “http://www.identity.st”,
3 => “http://www.guardian.co.uk”,
4 => “http://www.youtube.com”
);
//Redirects to the url in the list according to the id given from $_POST
header(“Location: $list[$pid]“);
?>
Hehe, I see that parts of the last comment disappeared (because of the html code), but I’ll try again.
The code in the first file is almost the same as the one used in the article, but the URLs are exchanged with numbers (IDs)
In the second file:
//assign requested page ID
$pid = $_POST["url"];
//the numbers must be the same as the paired option ID in the first file
$list = Array(
1 => “http://php.about.com”,
2 => “http://www.identity.st”,
3 => “http://www.guardian.co.uk”,
4 => “http://www.youtube.com”
);
//Redirects to the url in the list according to the id given from $_POST
header(“Location: $list[$pid]“);
‘http://yourlinkhere.com',
2 => ‘http://yourlinkhere2.com‘ //Note that the last array item doesn’t have a comma at the end
);
//Now we check to make sure that that marker is in the array and exists:
if( isset($list[$url_id]) )
{
$redirect = $list[$url_id];
}
else
{ // Insert default URL you want them to fall back to:
$redirect = $list[0]; //This defaults to the first item in the above array
}
header(“Location: ” . $redirect ); // Separate the variable from the string (text)
}
else
{
header(“Location: http://yourredirect.com“); //Just something to serve in case POST isn’t set.
}
// Code can always be improved, please share.
?>
Trying again, treated part of the tags as HTML, hopefully this one works.
// To build on what others posted for basic validation (checking)
// Some server builds require a check that the POST is present otherwise throw an error
// We will also do a check for integer (number)
if( isset($_POST['url']) && is_int($_POST['url']) )
{
$url_id = $_POST['url'];
$list = array( // following what Harvard built upon above…
1 => ‘http://yourlinkhere.com',
2 => ‘http://yourlinkhere2.com‘ //Note that the last array item doesn’t have a comma at the end
);
//Now we check to make sure that that marker is in the array and exists:
if( isset($list[$url_id]) )
{
$redirect = $list[$url_id];
}
else
{ // Insert default URL you want them to fall back to:
$redirect = $list[0]; //This defaults to the first item in the above array
}
header(“Location: ” . $redirect ); // Separate the variable from the string (text)
}
else
{
header(“Location: http://yourredirect.com“);
}
good very,good very,
really,its simple but proved very helpful,thanks
Thanks a lot!
Great help for me.
Thanks.
It worked!!
I wanted to have that without javascritpt – now I have it.
Thx a lot!