Safe redirect

This little function ensures that visitors are really redirected to a specified URL.

At first the function will try to redirect the user by using the header() location method, then by JavaScript and META-Refresh and finally if everything failed there is also a ordinary link to the new URL.

function safe_redirect($url, $exit=true) {
    // Only use the header redirection if headers are not already sent
    if (!headers_sent()){
        header('HTTP/1.1 301 Moved Permanently');
        header('Location: ' . $url);
        // Optional workaround for an IE bug (thanks Olav)
        header("Connection: close");
    // HTML/JS Fallback:
    // If the header redirection did not work, try to use various methods other methods
    print '<html>';
    print '<head><title>Redirecting you...</title>';
    print '<meta http-equiv="Refresh" content="0;url='.$url.'" />';
    print '</head>';
    print '<body onload="location.replace(\''.$url.'\')">';
    // If the javascript and meta redirect did not work, 
    // the user can still click this link
    print 'You should be redirected to this URL:<br />';
    print "<a href="$url">$url</a><br /><br />";
    print 'If you are not, please click on the link above.<br />';    
    print '</body>';
    print '</html>';
    // Stop the script here (optional)
    if ($exit) exit;
Snippet Details


Sorry folks, comments have been deactivated for now due to the large amount of spam.

Please try to post your questions or problems on a related programming board, a suitable mailing list, a programming chat-room,
or use a QA website like stackoverflow because I'm usually too busy to answer any mails related
to my code snippets. Therefore please just mail me if you found a serious bug... Thank you!

Older comments:

dgfdfg May 30, 2011 at 22:39
Olav Alexander Mjelde September 23, 2009 at 09:22
Hi, I once again have a new code for you, my friend!

header("HTTP/1.1 301 Moved Permanently");
header("location: http://www.domain.tld/");
header("Connection: close"); // this a workaround for an IE bug!
Brian Hague January 30, 2009 at 20:46
I've got a possible solution for a https redirect that will get rid of a redirect loop bug in your code. This could be useful for a login.php page.

function SecureRedirect($url) {
// If the header redirect works, the user will never see this page:
echo '<html>';
echo '<head><title>Redirecting you...</title>';
echo '<meta http-equiv="Refresh" content="0;url='.$url.'" />';
echo '</head>';
echo '<body onload="location.replace(''.$url.'')">';

// if the location, javascript and meta redricts
// did not work, the user can still use this link:
echo 'You should be redirected to this URL:<br/>';
echo '<a href="'.$url.'">'.$url.'</a><br/><br/>';

echo 'If you are not, please click on the link above.<br/>';

echo '</body>';
echo '</html>';
Robert Dundon January 14, 2009 at 16:33
I like your use of failovers in this script.

However, can't you just simply use die() (or exit() ) to prevent the rest of the page being run? Ex:

if (!headers_sent()){
header('HTTP/1.1 301 Moved Permanently');
header('Location: ' . $url);7