I have an application that incorporates "action pages." These are pages that perform a given action based on user input. At the end of these pages, the user is then redirected to a new page. This prevents users from creating duplicate records in a database with the back button when I use the POST method. The page structure looks something like this:
<?php
require_once ('./load-libs.php'); // Load critical libraries
session_start();
checkValidUser(); // Is the user authenticated?
# echo 'blah<br>';
if (empty($_POST['action']))
die('No action given.');
switch ($_POST['action'])
{
case 'name of action':
// Process the action;
$target = 'target_page.php';
break;
default:
die ('Bad action given: "'.$_POST['action'].'"');
}
if (!headers_sent())
{
header('Location: '.$target);
exit;
}
The problem I am having is that for some actions (NOT all actions in a given action page), Apache always returns a 302 response. The problem with this is that, even if the content of the page changes, Apache still returns a 302 and the correct action is not performed. Other actions in the same action page return the proper response code and are processed correctly. Even if I uncomment the "blah" line, I still get a 302 (which is totally strange, b/c that should send the headers at that point preventing the final location header from being sent :queasy: ). Is there any way to prevent this behavior in Apache?
