php refresh current page?

Question

I have a page which,

If a variable is set(in a session) it will do an action, then it unsets the session.

Now it has to refresh itself.

This is where i am stuck.

Is there a way to get the exact url to the current page?

or is there a function to do this?

so header('location: ???');

I came here because I was interested in the POST/Redirect/GET" (PRG) pattern, which attempts to eliminate the warning message that browsers give for POST only used for keeping arguments intact or secret. But that pattern fails when you try to share forms in one file, since the main program must be requested by a GET. — David Spector, Jul 05 '23 at 11:15

score 109 · Accepted Answer · edited Jan 03 '21 at 11:54

109

header('Location: '.$_SERVER['REQUEST_URI']);

edited Jan 03 '21 at 11:54

Tomer Shetah

8,413
7
27
35

answered Nov 19 '10 at 00:42

Byron Whitlock

52,691
28
123
168

11

$_SERVER['REQUEST_URI'] is a server generated variable. Only GET,POST,a and COOKIES are susceptible to user interference. (with the possible exception of headers like "Referrer") – Byron Whitlock Feb 21 '12 at 19:38
5

Those server generated variables can be modified, so you should still consider sanitizing them. – Nick Pickering Aug 14 '13 at 14:18
11

Those who argue it should be sanitized don't really understand what they are talking about. REQUEST_URI holds the URL where you currently are, so if there's any security issue with going to this URL, the harm is already done. Redirecting to where you already are has no security implication. – laurent Oct 30 '14 at 17:12
So there's no chance an infected server could have this modified... sounds like an M$ support tech :P – Mavelo Sep 09 '15 at 14:16
3

@RobertM. nope, it is redirecting you to the current url. As already said, the damage would already be done. – M H Oct 01 '15 at 17:59
3

put a die() after reload header to prevent code execution below this row. – montie Sep 07 '16 at 10:01

score 24 · Answer 2 · answered Oct 09 '14 at 15:09

PHP refresh current page

With PHP code:

<?php
$secondsWait = 1;
header("Refresh:$secondsWait");
echo date('Y-m-d H:i:s');
?>

Note: Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP.

if you send any output, you can use javascript:

<?php
echo date('Y-m-d H:i:s');
echo '<script type="text/javascript">location.reload(true);</script>';
?>

When this method receives a true value as argument, it will cause the page to always be reloaded from the server. If it is false or not specified, the browser may reload the page from its cache.

Or you can explicitly use "meta refresh" (with pure html):

<?php
$secondsWait = 1;
echo date('Y-m-d H:i:s');
echo '<meta http-equiv="refresh" content="'.$secondsWait.'">';
?>

Greetings and good code,

score 6 · Answer 3 · answered Nov 19 '10 at 00:41

6

$_SERVER['REQUEST_URI'] should work.

answered Nov 19 '10 at 00:41

casablanca

69,683
7
133
150

score 3 · Answer 4 · edited Feb 18 '14 at 21:10

3

header('Location: '.$_SERVER['PHP_SELF']);

will also work

edited Feb 18 '14 at 21:10

Germstorm

9,709
14
67
83

answered Nov 15 '13 at 15:12

Mahendra Jella

5,450
1
33
38

4

This will only work if you display the filename in the URL. So, URL rewrite definitely won't work. – rybo111 May 20 '14 at 11:44

score 2 · Answer 5 · answered May 24 '22 at 18:58

2

How about a simple:

header("refresh: 0");

answered May 24 '22 at 18:58

Steve Moretz

2,758
1
17
31

score 0 · Answer 6 · answered Apr 14 '14 at 05:44

0

Another elegant one is

header("Location: http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]");
exit;

answered Apr 14 '14 at 05:44

Mahendra Jella

5,450
1
33
38

php refresh current page?

6 Answers6

Linked