"PHP" uses redirection to disguise the form processing page does not exist

PHP redirection, very simple, except to print out the redirected JavaScript code directly,

Using the original PHP redirect is this:

<?phpheader ("Location:url"); exit; >

As soon as this statement is read, it jumps to the specified redirect URL.

Of course, PHP, first of all, it should be clear that the header () function must be placed in the beginning of the PHP program, and can not have another header () function or Setcookie () is called, if it is with the page output, this statement must be placed in

Use redirection to disguise that the form processing page does not exist. Makes it not so easy for hackers to discover our form processing pages. Because the form processing page generally involves database operations. It is not allowed to be accessed by someone else entering the URL.

For example, the following page redict.php, in practice is present, but you do not enter the correct parameter a, or incorrect submission form open this page, then give you a 404, let you think this page does not exist at all. Generally no one is so easy to guess that the parameter of this page processing is a. So it's the effect of protecting the form processing page.

This protection code is very simple. The idea is simply to determine if there is a parameter to be processed, and if not, redirect to a page that is not in the directory at all:

<?phpif (Empty ($_request["a"])) {header ("location:error.php"); exit;} else{//here is only to set the normal encoding output "hehe" Just! Header ("content-type:text/html; Charset=utf-8 "); echo "hehe";}? >

"PHP" uses redirection to disguise the form processing page does not exist