에서 참조

It does not have to do only with Codeigniter. These are the 2 methods that you can use to reload (or redirect) a page.

With Location: header you are sending a 3xx status code (usually 301 or 302) to the client’s browser which usually indicates that the content has temporarily moved. Using the appropriate code will give more information to the client about the reason you are doing the redirection. This will be useful especially for search engines.

Also the browser does not have to download all the page’s content before doing the redirect but it does it immediately as it gets the status code from the server and it goes to the new page instead. This way you do not break the ‘back’ button of the browser.

With Refresh meta tag or HTTP header you send a request to the client’s browser to refresh the page without indicating any information about the reason you are doing it or the original and new content. Browser has to first download all the page content and then after the time (in seconds) specified in the Refresh it will redirect to the other page (usually 0 seconds).

Also if a user hits the ‘back’ button of his browser it will not work as it should since it will take him to the previous page and it will use Refresh again and send him to the next from where he pressed the button.

Above statements are according to W3C article here 에서 참조


If I want to create a share link for Facebook that works everywhere and has everything I want contained in one URL, I can use Facebook’s “sharer.php” functionality. (Facebook says it’s officially “deprecated,” but there’s no sign of them stopping this implementation anytime soon.)

So let’s say I want to share this link:…

I can simply add “” before the link, and voila!

Create Custom Share Links for Facebook, Twitter, and Google Plus

Thankfully Facebook was able to properly pull a relevant title, blurb, and image from the page to display. However, given that we want to maximize the number of clicks, what if we wanted to customize things? We can!

However, it gets much more complicated. Let’s say I wanted the title to be The Inconvenient Truth of Education “Reform”!, and have the blurb be Recent events have revealed how market-driven education policies, deceivingly labeled as “reform,” are revealing their truly destructive effects on the streets and in the corridors of government:, and have the thumbnail image be this one:

Create Custom Share Links for Facebook, Twitter, and Google Plus

Looks perfect, but the URL looks like this monstrosity:[url]=[images][0]=[title]=The+Inconvenient+Truth+of+Education+‘Reform’!&p[summary]=Recent+events+have+revealed+how+market-driven+education+policies,+deceivingly+labeled+as+%22reform,%22+are+revealing+their+truly+destructive+effects+on+the+streets+and+in+the+corridors+of+government:

Yuck. Who wants to replace all those spaces and punctuation marks with HTML code?


Twitter’s single-URL method of sharing is a bit more straightforward, simply because there are fewer things to worry about: it’s just a message and a link (and maybe a twitter user reference or two). So if I want a link to produce this:

Create Custom Share Links for Facebook, Twitter, and Google Plus

I need a link that looks like this:

Still pretty rough.


Thankfully, all the code-wrangling needed can be automated thanks to our old pal Javascript. To that end, I’ve set up an easy tool for creating these share links: Share Link Generator.

I’ve also included Google+, which unfortunately doesn’t allow for any customization to the extent that Facebook does.

All you have to do is fill in the fields and click a button. Hope you enjoy!

UPDATE: Manjunath brings up a good point in the comments about mobile sharing: for god knows what reason, Facebook’s mobile sharer.php (on doesn’t use the same parameters.

For the mobile Facebook sharer.php, the markup is much simpler, and we can only pick the URL and the title. Like so:<the url you want>&t=<the title you want>

If you want to force mobile browsers to use the regular Facebook sharer.php, you can simply add “&m2w” (w/out quotes) to the end of the regular Facebook share link. I haven’t extensively tested that yet, so YMMV. 에서 참조

The quick version: I’ve found a way to abuse the login mechanism for both Twitter and Google to detect whether a user is logged in to that service. Facebook provides an API for this. So I provide a cross-browser javascript template that works for all 3 networks. If you want to get straight to the code jump to the implementation section or check out the Social Network Login Status Detector Demo.


I was interested in seeing whether it would be possible to track which social networks a website visitor is logged into at the time of their visit; it could be cool for selecting which social media buttons you show them, what sort of marketing you do to them, or simply to evaluate whether you should be participating more on a certain social network. I was interested in Facebook, Twitter and Google+; as an SEO I was also interested in whether people were logged into a general Google account so I could compare which percentage of those had a Google+ account.

A quick search turned up an interesting post from Mike Cardwell who had a method for doing this for Facebook, Twitter and Gmail, but unfortunately it didn’t work in Internet Explorer. Secondly, I knew there was a better method than Mike’s for Facebook, which I’d seen presented by Mat Clayton of Mixcloud; he uses Facebook’s API to do the same thing (see slide 15). Mat’s method works great across browsers, so that solved the Facebook side of this.

Finding a way in to Twitter and Google+

Wat I needed was a method for detecting whether a visitor to my site was logged in to Twitter, Google and more specifically Google+.

Thanks to abraham from Hacker News I discovered that Twitter has an undocumented endpoint that simply returns true or false for whether the current user is logged in! It is very simple:

  1.     function twitterLoginStatus(state) {
  2.       alert(state);
  3.     }

However, due to boring technical details concerning MIME types this code doesn’t work on IE9, which (unfortunately) for many purposes makes it less than ideal.

Browsers nowadays are very sensitive to cross site requests and the all to common exploits that abuse them, and so unless the 3rd party site plans to allow it using javascript for this is probably going to be difficult. The other great way to make cross domain requests is with image tags.

Tricking login mechanisms

I came up with the theory that I needed to try to access and image on Twitter/Google’s sites that would only be available to users when they are logged in. Using javascript I could detect whether the image loaded or not and thus determine whether the user was loggedin. However, these are obviously going to be few and far between (image assets are often static and so on CDNs and/or not protected in such a manner), if they exist at all (I didn’t find any), so I was back to square one. I needed a protected area of the site, but needed the file contents to be an image.

My winning moment was realising that some naive login systems might be open to abuse for exactly this purpose. It is often the case that you try to access a specific page on a site, lets say the “Upload a photo” page but you need to be logged in to do so. If you are not logged into the site in question, when you visit the URL the page redirects to the Login page to authenticate you are who you say you are; however the site wants to be helpful and send you to the page you were looking for so they keep a track of that target page in the URL as a parameter and then helpfully redirect you to that page after login is complete.

What happens if you visit the login page with a ‘redirect on login’ parameter and you are already logged in? When implemented in a naive fashion you are simply immediately redirected to the page specified in the parameter. Some sites limit that parameter to being another page on the same domain, but we’ll see that doesn’t help for this trick.

This mechanism is open to abuse in exactly the way I needed; I could set the ‘redirect on login’ page to be an image file on the same domain. For example:

  1. <img src=“” />

In this example, if I am logged in Twitter is kind enough to 302 redirect me to the image file I specified, but if I am not logged in I am show the login page. It turns out that both Twitter and Google’s login mechanisms are susceptible to exactly this trick. It seems LinkedIn and Tumblr are currently immune to this, though I didn’t dig too deep so there might be another redirect URL for them.

Putting it all together

From this point on it was quite easy to hack together some javascript; just stick this code in the <head></head> section of your page:

  2.    function show_login_status(network, status)
  3.    {
  4.     if (status)
  5.     {
  6.      alert(“Logged in to ” + network);
  7.     }else{
  8.      alert(“Not logged in to ” + network);
  9.     }
  10.    }

Then, anywhere in your code that seems like a nice place stick this HTML:

  1. <img style=“display:none;”
  2. onload=“show_login_status(‘Google’, true)”
  3. onerror=“show_login_status(‘Google’, false)”
  4. src=“”
  5. />
  7. <img style=“display:none;”
  8. onload=“show_login_status(‘GooglePlus’, true)”
  9. onerror=“show_login_status(‘GooglePlus’, false)”
  10. src=“”
  11. />
  13. <img style=“display:none;” src=“” onload=“show_login_status(‘Twitter’, true)” onerror=“show_login_status(‘Twitter’, false)” />
  15. id=“fb-root”>

Finally, somewhere after that HTML stick this Javascript:

  1.  window.fbAsyncInit = function(){
  2.   FB.init({ appId:’xxxxxxxxxxxx’, status:true,  cookie:true, xfbml:true});
  3.   FB.getLoginStatus(function(response){
  4.    if (response.status != “unknown”)
  5.    {
  6.     show_login_status(“Facebook”, true);
  7.    }else{
  8.     show_login_status(“Facebook”, false);
  9.    }
  10.   });
  11.  };
  12.  // Load the SDK Asynchronously
  13.  (function(d){
  14.   var js, id = ‘facebook-jssdk’; if (d.getElementById(id)) {return;}
  15.   js = d.createElement(‘script’); = id; js.async = true;
  16.   js.src = “//”;
  17.   d.getElementsByTagName(‘head’)[0].appendChild(js);
  18.  }(document));

You will need to replace xxxxxxxxx above with the appID for an app created for your domain; if you don’t have one you can create one in about 60 seconds. Simply visit whilst logged in to Facebook, and click “Create New App”. You will be prompted for a “Display Name”, and you can enter any old dummy text here and press Continue. On the next page it is only necessary to fill out the “App Domain” and the “Website” with the URL of the domain you want to use this code on. Do that, save changes and grab the “App ID” from the top of the page and enter it in the code above.

You should be all set! Now you can change your alert() functions to do whatever you want based on the login status of the user. See a demo of it in action Social Network Login Status Detector Demo.

Wrap up

In my testing this worked on a range of versions of Firefox and Chrome, IE versions 7 and up, Safari and Opera. It may be that these loopholes get fixed, but in the meantime I implore you to only use this in nice ways. There is an argument that a 3rd party even knowing what other sites you are logged into is a breach of your privacy, and I can certainly see why some people would feel like that (especially if this was scaled up to more personal sites that you might be logged into). If you want to prevent this then for Firefox you can try RequestPolicy or NoScript. For Chrome you can give ScriptNo a shot. On IE you can try giving Firefox or Chrome a try. ;)

However, I do also think that this sort of thing can be used in good ways – serving only a subset of social buttons to your users, or determining whether you should be providing support on a given social platform etc. If anyone has any nice suggestions for other ways you could use (nicely) use this, I’d love to hear. 에서 참조

What does “GPL” stands for?

“GPL” stands for “General Public License”. The most widespread such lince is the GNU

General Public License, or GNU GPL for short. This can be further shortened to “GLP”,

when it is understood that the GNU GPL is the one intended.


Does free software mean using the GPL?

Not at all?there are many other free software licenses. We have an   incomplete list.

Any license that provides the user certain specific freedoms is a free software license.

Why should I use the GNU GPL rather than other free software licenses?

Using the GNU GPL will require that all the released improved versions be free software.

This means you can avoid the risk of having to compete with a proprietary  modified

version of your own work. However, in some special situations it can be better to use

a more permissive license.

자유 소프트웨어니 오픈 소스니 하는 말들이 요즘 너무 많이 쓰이고 있는 것 같습니다. 웹서핑을 하던중 이런 저런 글들을 읽어보다가 글을 남깁니다. GPL 라이센스에 있는 소스를 이용해 내가 제품을 하나 만들었다면 그래서 그 제품을 상용으로 팔았어도 아무런 문제가 없는거 맞죠.? -> 네 그러나 소스코드를 제공해야합니다.
다만 그 제품을 산 사람에게 소스만 공개 하면 되는거죠.? -> 네.
다른 어느곳에도 소스 공개를 하지 않아도 되는 거죠.? -> 물론 GPL 프로그램 B와 링크하여 상용프로그램을 A를 만들면 A는 GPL입니다. 하지만 GPL 을 만들었다고 해서 다른 누군가가 제작자에게 A를 내놓으라고 요구할 수는 없습니다.
근데 그 제품을 산 사람도 결국 소스를 얻은 사람도 소스 재배포가 가능 하지 않나요.? -> 네. 맞습니다. 산 사람은 또 팔아도 되고, 마구 뿌려도 되죠. 수정해도 되죠.
비록 돈주고 샀다고 하더라도 그 사람이 세상 만 천하에 공개를 하면 어떻게 되는거죠.? -> 그게 GPL의 핵심입니다. 수정과 배포.
그렇다면 그 제품을 산 사람은 GPL 라이센스의 제품을 샀고 소스도 제공 받았는데 재 배포는 못하는 건가요.? -> 재배포 할 수 있습니다.
요약하면, 1) GPL에 대한 modification은 가능하고 이를 공개하지 않아도 된다. 2) 팔아도 되지만, 소스를 건네줘야한다. 그리고 이를 구입한자는 공짜로    (또는 유료로) 재배포 가능하다. 3) 내가 수정을 했을 경우, 나의 프로그램은 자동으로 GPL이 된다. 4) 내가 링크할 경우 나의 프로그램은 GPL이 된다. 5) 내가 플러그인을 만들 경우 내 프로그램이 fork/exec를 하면 GPL이 아니다.    내가 플러그인을 만들었는데 그게 아니라 다이나믹 링킹이면 GPL이 된다. 입니다…
그래서, GPL 인 상용 소프트웨어를 돈받고 파는건 힘들죠… 어떤 종류의 유지보수라던가 하는 개념이 들어가서 거기에 요금을 부과하지 않는한요…