jasimon9 - 4:26 pm on Jan 23, 2013 (gmt 0)

Thanks to lucy24 and g1smd for your helpful comments regarding the anchors, as well as all your previous help.

However, I think I now have the core of the problem, but not the solution. It turns out that the page that is having the problem, due to PCI Compliance requirements, needs to be served over SSL. That is, using https. However, we don't support SSL on all of our quality domains (namely, various workstations and development servers). The way that this has been implemented therefore is that at the PHP level, the code checks whether the page should be using SSL, and if not redirects it. The PHP code is as follows:


// force ssl to protect credentials
if (ENABLE_FORCE_SSL && !$_SERVER['HTTPS'])
{
if ($external_link)
{
$_SESSION['site_user_type'] = '';// enable redirect to keep external link
}
GoToPage(substr($RH_URL_SSL,0,-1) . $_SERVER['REQUEST_URI']);
}


This in part explains why on certain instances no problem occurs.

The ENABLE_FORCE_SSL flag is enabled on a per domain basis. Debugging shows that the contents of the server var $_SERVER['REQUEST_URI'] is the redirected page name "/manufacturers-sales-reps-register.php". The GoToPage function does some processing and ends with sending the "Location" header to do the redirect. The argument to the Location would in this case be https://www.example.com/manufacturers-sales-reps-register.php".

So I am thinking at this point that is where the failure occurs. Unfortunately I cannot trace the failure mode at the present time because the development environments don't support SSL. So I am a bit stuck.