PHP Redirect doesn't work - UPDATE: Safety of @extract($_POST);

**dl33** · 09-23-2007, 12:01 AM

Thanks for the reply, djr33. So is the code as I have it now safe or do I have to change something about it. I mean, I get what you just explained, but I do not think that I can apply it yet to my own code.
What I have now is

Code:

<?php
	@extract($_POST);
	$quickarchive_date = stripslashes($quickarchive_date);
	$quickarchive_categories = stripslashes($quickarchive_categories);
	if ( $quickarchive_categories == "C" && $quickarchive_date == "#" ) {
		$url = "http://www.mysite.com/weblog/archive_2/";
	} elseif ( $quickarchive_categories != "C" && $quickarchive_date == "#" ) {
			$url = "http://www.mysite.com/weblog/archive_2/".$quickarchive_categories."/" ;
	} else {
		$url = "http://www.mysite.com/weblog/archive_2/".$quickarchive_categories."/".$quickarchive_date ;
	}
	header("HTTP/1.1 301 Moved Permanently"); 
	header("Location: $url");
        exit;
?>

**djr33** · 09-23-2007, 12:25 AM

What are you using from the post data?
Remove @extract(... and replace any references to these newly created variables with $_POST['thatname'] instead.
That's about it.
In that case, it seems safe enough, probably.

Thread: PHP Redirect doesn't work - UPDATE: Safety of @extract($_POST);

Thread Tools

Search Thread

Bookmarks

Bookmarks

Posting Permissions