You are here

Home » API reference » Finder 7 » finder.form.inc

function finder_form_goto in Finder 7

Same name and namespace in other branches
  1. 6 includes/finder.form.inc \finder_form_goto()
  2. 7.2 includes/form.inc \finder_form_goto()

Redirect from a finder form.

The difference between this and drupal_goto() is that this undoes the encoding of the arguments seperator, as such encoding inteferes with finder.

Parameters

$sep: The arguments seperator string.

$path: A Drupal path or a full URL.

$query: A query string component, if any.

$fragment: A destination fragment identifier (named anchor).

$http_response_code: Valid values for an actual "goto" as per RFC 2616 section 10.3 are:

  • 301 Moved Permanently (the recommended value for most redirects)
  • 302 Found (default in Drupal and PHP, sometimes used for spamming search engines)
  • 303 See Other
  • 304 Not Modified
  • 305 Use Proxy
  • 307 Temporary Redirect (alternative to "503 Site Down for Maintenance")

Note: Other values are defined by RFC 2616, but are rarely used and poorly supported.

See also

drupal_goto()

1 call to finder_form_goto()
finder_form_state in includes/finder.form.inc
Statically 'get' or 'set' the FAPI form state in a per-finder cache.

File

includes/finder.form.inc, line 342
The finder form.

Code

function finder_form_goto($sep, $path = '', $query = NULL, $fragment = NULL, $http_response_code = 302) {
  if (isset($_REQUEST['destination'])) {
    extract(parse_url(urldecode($_REQUEST['destination'])));
  }
  elseif (isset($_REQUEST['edit']['destination'])) {
    extract(parse_url(urldecode($_REQUEST['edit']['destination'])));
  }
  $url = url($path, array(
    'query' => $query,
    'fragment' => $fragment,
    'absolute' => TRUE,
  ));

  // custom changes - undo separator encoding
  $url = str_replace(urlencode($sep), $sep, $url);

  // Remove newlines from the URL to avoid header injection attacks.
  $url = str_replace(array(
    "\n",
    "\r",
  ), '', $url);

  // Allow modules to react to the end of the page request before redirecting.
  // We do not want this while running update.php.
  if (!defined('MAINTENANCE_MODE') || MAINTENANCE_MODE != 'update') {
    module_invoke_all('exit', $url);
  }

  // Even though session_write_close() is registered as a shutdown function, we
  // need all session data written to the database before redirecting.
  session_write_close();
  header('Location: ' . $url, TRUE, $http_response_code);

  // The "Location" header sends a redirect status code to the HTTP daemon. In
  // some cases this can be wrong, so we make sure none of the code below the
  // drupal_goto() call gets executed upon redirection.
  exit;
}