//header("location: $site_url");
echo "<script language=\"JavaScript\">{
location.href=\"$site_url\";
self.focus();
}</script>";


For the above code, why they comment out header and use a javascript? Is there an advantage? I notice, if someone disable script, the redirect won't work.

Confused.:confused:

Result is almost the same. In both case you'll be redirected to $site_url unless, as you mentionned it, they disabled javascript.

But, using header() the destination page will know the REFERER which won't be the case if you're using javascript in such way.

This may look useless to you but I can assure you it is important to some 'other' people. :)

Interesting... Thx.

no problem

Headers cannot be sent if content has already been output to the client (browser) -- which could be the case here.

Also, the header is Location:, not location: so it might be that the header() call didn't work, which is why its commented out.

There's a vast difference between server-side redirecting (sending of HTTP Location header) and client-side redirecting (meta refresh tag or javascript).
The difference is that client-side redirect MIGHT NOT work if the user has disabled it in his/hers browser preferences.
Also, as fyrestrtr said - you cannot send headers after output, unless you use output buffering (which is another big issue).

To sum it up - if you use server-side redirect, you can be sure that in all cases you will redirect your user, while on the other hand - client side redirects can be disabled.

Is there another way of doing a server side redirect that would work if output (content) has already been sent?

Sort of, by using output buffering.
Though the header is still not actually sent after the output.

fozzy, check output buffering functions (ob_start(), ob_flush() etc) in php manual.

Also, from what I've seen, if you use window.location, it will probably use a page in cache if it exists, and location shouldn't. Results may vary so I'd stick with the header("location:").

You could use a meta redirect (refresh) tag which should work if thy have disabled Javascript. (I know IE allows people to disable meta refresh tag, but is enabled by default)

You definitely want to use the header function versus the javascript or the meta refresh. Main reason is if the page is moved permanently, search engines can't follow the javascript link and choke on the meta refresh. Use a 301 redirect...

header("HTTP/1.0 301 Moved Permanently");
header("Location: ".$url);