PHPでURLリダイレクトに関するセキュリティ処理サンプル

PHPコード:
function safe_redirect($url, $exit=true) {

// Only use the header redirection if headers are not already sent
if (!headers_sent()){

header('HTTP/1.1 301 Moved Permanently’);
header('Location: ' . $url);

// Optional workaround for an IE bug (thanks Olav)
header(“Connection: close");
}

// HTML/JS Fallback:
// If the header redirection did not work, try to use various methods other methods

print '<html>’;
print '<head><title>URLのリダイレクト</title>’;
print '<meta http-equiv="Refresh" content="0;url=’.$url.'" />’;
print '</head>’;
print '<body onload="location.replace(\".$url.’\’)">’;

// If the javascript and meta redirect did not work,
// the user can still click this link
print '次のURLリダイレクトする必要:<br />’;
print “<a href="$url">$url</a><br /><br />";

print 'If you are not, please click on the link above.<br />’;

print '</body>’;
print '</html>’;

// Stop the script here (optional)
if ($exit) exit;
}

PHP

Posted by arkgame