i have this code

if ($loggedin != "1")
{echo "<script language='javascript'>location.href='index.html'</script>";}
if ($loggedin == "1")
{echo "You are logged in.<BR>";}


loggedin is the name of a cookie i set on the previous page. i know it got set as 1, because thanks to firefox i can search through the cookies in use easilly and i found it with the value "1"... so why does it keep redirecting, even when the data is correct?

if ($_COOKIE['loggedin'] != "1")
{
header('Location: /index.html');
}
else
{
echo "You are logged in.<BR>";
}

well, you aren't very talkative, but it works. Thanks!

The reason why you won't want to use javascript to redirect users to certain pages is because of security issues. The way Bokeh did it is a good example of improving security on your redirects because it's server-side as opposed to client-side (javascript/html metarefreshes).

The reason why you won't want to use javascript to redirect users to certain pages is because of security issues. The way Bokeh did it is a good example of improving security on your redirects because it's server-side as opposed to client-side (javascript/html metarefreshes).

While that's a good try, it has nothing to do with it. He has 2 errors here. 1) where is $loggedin being set? it's not, it's the name of the cookie and should be read as such, thus the use of $_COOKIE['cookiename']. 2) without exclusivity, even if he is using, php doesn't know that both events can't happen so you can get php failing to render properly due to a logic issue.

The way Bokeh did it is a good example of improving security on your redirects because it's server-side as opposed to client-side (javascript/html metarefreshes).Actually whether the redirect instruction comes from an http header, a meta element or Javascript, in all three cases the implementation of the redirection is conducted by the client.

i started a nice little argument didn't i? i'm gonna have to agree with bokeh in saying that it's the client that does the redirecting. plus, due to other things on the page being in javascript, i found with a little bit of work that i can edit the code he gave me, and it will run the original javascript i was trying to use. To go against the problem of security, i don't know of any javascript blocker out there that will stop redirects, without stopping other things on the page at the same time. since the users of my site want a good deal of what is being put on there with javascript, they have to live with knowing they need to log in.

then, like chazzy said,
1) where is $loggedin being set? it's not, it's the name of the cookie and should be read as such, thus the use of $_COOKIE['cookiename'].
that was the main problem i was having, because the source i'm learning my php from is outdated and badly done.
Anyway, point is it works, and no matter what was wrong with my learning source that messed me up, i know how to work cookies now.

Oh, while i'm still able to edit this, does anyone here know if i can use PHP with a comma seperated values file, without using MySQL or anything like that? i'm running all this on an apache server on my computer, and i don't plan on installing another addition unless i really have to.

i found with a little bit of work that i can edit the code he gave me, and it will run the original javascript i was trying to use.An http header redirect is preferable because it is dealt with on a different layer. With a Javascript or Meta redirect the browser needs to render the page before it knows of a redirection instruction. This is not the case with an http header redirect.

With a Javascript or Meta redirect the browser needs to render the page before it knows of a redirection instruction. This is not the case with an http header redirect.
i find that only matters if you put the javascript into the main part of the page. if you put the script inside the <head></head> tags, it will load everything in the head tags (in my pages that's the title and of course, this javascript.) and it will run any javascripts in the head before continuing on to the body of the document. as such, it only has time to "render" the title of the page before it realizes that the javascript say to go back to index.html... so point is, it works. plus, if i was really crazy, i would put the title somewhere between the </head> tag and the <body> tag, and then it wouldn't even show the title before redirecting.

if you put the script inside the <head></head> tagsExactly! The browser needs to download the document, open it, read it and then decide what to do. In the case of an http redirect there is no document and nothing needs to be downloaded, opened, or read for the browser to know of the redirect.

Imagine a well for drinking water. If the water was bad it would be much simpler to have a notice at the well head drawing attention to this fact rather than having to find out by dropping a bucket 200 feet and lifting water to inspect. Your Javascript/meta method is synonomous with the latter.

true, but that's called being redundant. it's already fast enough for what i'm trying to do, and it's not like i care if the client has to load the head. i'll go ahead and use your method anyway, because at the very least, i won't have to remember to change things if/when i decide to register a domain.

it's also a lot safer to use a header redirect rather than javascript. enforces a lack of data being printed to the screen before processing.

What do you do when the user doesn't have javascript on?

ummm, i tell my friend who is looking at the page that i'm gonna come to their house and slap them if they don't turn the javascript back on. past friends, i have no reason to worry until i start handing out the IP address anyway.

if businesses operated the way you did, they'd never make money :-P

do you really think i'm out to make money on a web server i made to get to my own files from someone else's computer? the only reason i'm going through this trouble is because i'm bored enough, and have the time.

no no
i didn't assume that at all, it's an analogy.

i'm just saying if businesses did things expecting to have to go back and redo everything, they'd all be losing money and wasting time.

ahh, good point. so you're reaffirming the fact that it would be pointless for me to wait until i get a domain to make the change because by then i could have it already working fine. right? it's a good point.

pretty much, yes.

even a simple decision like that, you don't know what other effects it might have, so usually it's better to just get it working first the way you want it, and not expect to change it unless you want to change a piece of how the entire thing works.

if that makes sense...

strangly enough, it does....