redirect doesn't include whole querystring

I'm trying to redirect, but it doesn't include all th开发者_如何学JAVAe parameters in the url

if (!empty($_POST['nazwauzytkownika']) && $_POST['haslo'])
{

removed..


if (isset($_GET['redirect']))
    $redirect = $_GET['redirect'];
else 
    $redirect = 'http://*****.pl/konto/?a=powitanie';


header("Location: $redirect");

}

If $_GET[redirect] contains http://localhost/forum/?p=thread&threadid=9, it only redirects to http://localhost/forum/?p=thread

If I understand your question correctly, you're looking for something like this:

if (isset($_GET['redirect']))
    $redirect = substr($_GET['redirect'],0,strpos($_GET['redirect'],'&'));

Where you only pass along the first parameter of the querystring.

it is not redirect problem but url problem
every GET parameter should be urlencoded

$redirect = rawurlencode($redirect);
?>
<a href="some.php?redirect=<?=$redirect?>">

then you will have your redirect param inact and can use it for redirect.

though it's considered as bad practice as your script can be used for phishing links.

it's better to pass just url identifier, and then read an url itself from db/session/whatever server side storage