Summary of existing answers plus my own two cents:
1. Basic answer
You can use the header()
function to send a new HTTP header, but this must be sent to the browser before any HTML or text (so before the <!DOCTYPE ...>
declaration, for example).
header('Location: '.$newURL);
2. Important details
die() or exit()
header("Location: http://example.com/myOtherPage.php");
die();
Why you should use die()
or exit()
: The Daily WTF
Absolute or relative URL
Since June 2014 both absolute and relative URLs can be used. See RFC 7231 which had replaced the old RFC 2616, where only absolute URLs were allowed.
Status Codes
PHP's "Location"-header still uses the HTTP 302-redirect code, this is a "temporary" redirect and may not be the one you should use. You should consider either 301 (permanent redirect) or 303 (other).
Note: W3C mentions that the 303-header is incompatible with "many pre-HTTP/1.1 user agents. Currently used browsers are all HTTP/1.1 user agents. This is not true for many other user agents like spiders and robots.
3. Documentation
HTTP Headers and the header()
function in PHP
4. Alternatives
You may use the alternative method of http_redirect($url);
which needs the PECL package pecl to be installed.
5. Helper Functions
This function doesn't incorporate the 303 status code:
function Redirect($url, $permanent = false)
{
header('Location: ' . $url, true, $permanent ? 301 : 302);
exit();
}
Redirect('http://example.com/', false);
This is more flexible:
function redirect($url, $statusCode = 303)
{
header('Location: ' . $url, true, $statusCode);
die();
}
6. Workaround
As mentioned header()
redirects only work before anything is written out. They usually fail if invoked inmidst HTML output. Then you might use a HTML header workaround (not very professional!) like:
<meta http-equiv="refresh" content="0;url=finalpage.html">
Or a JavaScript redirect even.
window.location.replace("http://example.com/");
Custom modules were at fault. Disabling all of the custom modules in the Magento admin does not actually disable them, it only "disables their output".
Setting False in the module configuration resolved the invalid headers error, at which point I was able to debug the custom module issue that was causing the AJAX checkout errors.
Best Answer
Ran across this tip that fixed it for me. Essentially it looks like they forgot to include the formKey in the saveOrder ajax request.
Find
app / design / frontend / (template name) / template / checkout / onepage / review / info.phtml
and around line number 60 replace......with this...