want to make redirects, I'm clueless???

[Lodius2000]

so heres my login script, I know a redirect needs to be in the <head> but i cant figure out how to get it there given my script

I'm all up for using a javascript redirect like this

<script type="text/javascript">
<!--
window.location = "/managearticle/index.php"
//-->
</script>

i am thinking i am going to have to include allllllll my html formatting inside both the show_form() and process_form() functions

help!

 

<?php
session_start();
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 TRANSITIONAL//EN">
<html>

<head>
<link href="requires/main.css" rel="stylesheet" type="text/css" />
	<title></title>

</head>
<body>

<div class="divaligncenter">
<div class="contentbox">

<?php

//this is the login page
require ('../../install/PEAR/DB.php');
require ('../../../dbfiles/db_login.php');
require ('requires/formhelpers.php');
$db->setErrorHandling(PEAR_ERROR_DIE);
$db->setFetchMode(DB_FETCHMODE_ASSOC);

if($_POST['_submit_check']){
if($form_errors = validate_form()){
	show_form($form_errors);
} else {
	process_form();
}
} else {
show_form();
}

function show_form($errors = '') {

if ($errors){
	print 'Please correct these errors: <ul><li>';
	print implode('</li><li>', $errors);
	print '</li></ul>';
}

print '<form name="login" method="POST" action="'.htmlentities($_SERVER['PHP_SELF']).'">';
//begin the unique form

print "<table>\n";

print '<tr><td>Username:</td><td>';
input_text('username', $_POST);
print "</td></tr>\n";

print '<tr><td>Password:</td><td>';
input_password('password', $_POST);
print "</td></tr>\n";

print '<tr><td></td><td>';
input_submit('submit', 'Log in');
print "</td></tr>\n";
print '<input type="hidden" name="_submit_check" value="1" />';
print "</table>\n";
print '</form>';
}

function validate_form(){
global $db;

//check that username is entered
if (trim(strlen($_POST['username'])) == 0) {
	$errors[]= "You must enter a username.";
}

//check that username is only letters or numbers
if (! preg_match('/^[a-zA-Z0-9]+$/i', $_POST['username'])){
	$errors[]= "Your username must be <i><b>ONLY</b></i> letters or numbers.";
}

//check that the username exists
$q = $db->query("SELECT username FROM users WHERE username = '$_POST[username]'");
if ($q->numrows() == 0 ){
	$errors[] = 'Please enter a valid username.';
}


//check that password is entered
if (trim(strlen($_POST['password'])) == 0) {
	$errors[]= "You must enter a password.";
}

//check that password is only letters or numbers
if (! preg_match('/^[a-zA-Z0-9]+$/i', $_POST['password'])){
	$errors[]= "Your password must be <i><b>ONLY</b></i> letters or numbers.";
}

//check that password matches username
$encrypted_password = $db->getOne("SELECT password FROM users WHERE username = '$_POST[username]'");
if ($encrypted_password != crypt($_POST['password'], $encrypted_password)){
	$errors[] = 'Please enter a valid password.';
}
//$errors[]=$encrypted_password;

return $errors;

}

function process_form(){
$username = $_POST['username'];


//add username to session
$_SESSION['username'] = $username;

print "Welcome, {$_SESSION['username']}<br />\n";
print '<a href="managearticle/index.php">Continue here</a>';
}

?>
<script language="JavaScript">
    document.login.username.focus();
    </script>


</div>
</div>


</body>
</html>

[unidox]

You can also use the header() function, but make sure you have ob_start(); on top of page.

[Lodius2000]

but thats my problem when i need the redirect to happen headers have already been sent, with ob_start can I just arbitrarily add a header?

[DarkWater]

You could use a meta refresh too.

[trq]

but thats my problem when i need the redirect to happen headers have already been sent, with ob_start can I just arbitrarily add a header?

 

Using output buffering is just a hack. Fix your code so it doesn't output anything prior to calling header(). There is no point in outputting anything if all your going to do is redirect anyway, makes no sense.

[Lodius2000]

thorpe, the redirect would be upon successful login, so headers have to be sent  in order to display the form

[dannyb785]

There is no point in outputting anything if all your going to do is redirect anyway, makes no sense.

 

 

This is key to getting redirects right. Sure, you may accidentally add output before the header, but I see lotsa code where people type all this html outputting text and then try to redirect but... if they really wanted it to redirect(and if headers redirected after output was made), the user would never see the text anyways.

 

[trq]

so headers have to be sent  in order to display the form

No, a form is displayed, the user fills it out and hits submit, the form is processed (nothing is displayed) and then you redirect. Simple.