AKalair Posted September 22, 2008 Share Posted September 22, 2008 Hi guys, Still working on my login form thingy and I'm having another issue. I want to auto redirect the people if they log in successfully but when I use header( 'Location: http://www.thegamerspad.com/members.php' ) ; I get an error. <? if (!$dbcnx) { echo( "<P>Unable to connect to the " . "database server at this time.</P>" ); exit(); } $query = "SELECT username FROM users WHERE username = '{$_POST['username']}'"; $result = mysql_query($query); $row = mysql_fetch_assoc($result); $user = mysql_num_rows($result); if ($user == 1 ) { $queryo = "SELECT password FROM users WHERE password = '{$_POST['password']}'"; $resulto = mysql_query($queryo); $rowo = mysql_fetch_assoc($resulto); $usero = mysql_num_rows($resulto); } if ($usero == 1) { session_start(); $_SESSION['auth'] = 1; header( 'Location: http://www.thegamerspad.com/members.php' ) ; } else { echo "Invalid Sorry"; } ?> This is the error message Warning: Cannot modify header information - headers already sent by (output started at /home/thegamer/public_html/PHP/login2.php:34) in /home/thegamer/public_html/PHP/login2.php on line 36 Any ideas thanks Link to comment https://forums.phpfreaks.com/topic/125336-php-redirect-after-processing-form/ Share on other sites More sharing options...
FVxSF Posted September 22, 2008 Share Posted September 22, 2008 Take a look where you placed session_start(). This might be the cause. All way stick session_start() at the top of the file. right after <?php See if that helps. Also. When you post mysql_connect() leave out the DB username and password. Don't want peps to hack yer site Link to comment https://forums.phpfreaks.com/topic/125336-php-redirect-after-processing-form/#findComment-647836 Share on other sites More sharing options...
AKalair Posted September 22, 2008 Author Share Posted September 22, 2008 I need session start there though as I only want them logged in if they get the username and password right. Link to comment https://forums.phpfreaks.com/topic/125336-php-redirect-after-processing-form/#findComment-647837 Share on other sites More sharing options...
jonsjava Posted September 22, 2008 Share Posted September 22, 2008 white spaces could be the problem as well: <?php session_start(); if (!$dbcnx) { echo "<P>Unable to connect to the database server at this time.</P>"; exit(); } $query = "SELECT username FROM users WHERE username = '{$_POST['username']}'"; $result = mysql_query($query); $row = mysql_fetch_assoc($result); $user = mysql_num_rows($result); if ($user == 1) { $queryo = "SELECT password FROM users WHERE password = '{$_POST['password']}'"; $resulto = mysql_query($queryo); $rowo = mysql_fetch_assoc($resulto); $usero = mysql_num_rows($resulto); } if ($usero == 1) { $_SESSION['auth'] = 1; header( 'Location: http://www.thegamerspad.com/members.php' ) ; } else { echo "Invalid Sorry"; } ?> Link to comment https://forums.phpfreaks.com/topic/125336-php-redirect-after-processing-form/#findComment-647838 Share on other sites More sharing options...
slapdashgrim Posted September 22, 2008 Share Posted September 22, 2008 I need session start there though as I only want them logged in if they get the username and password right. the session can start at the begining. but just set the session variable where it is now. session_start should always be the first thing after <?php Link to comment https://forums.phpfreaks.com/topic/125336-php-redirect-after-processing-form/#findComment-647843 Share on other sites More sharing options...
FVxSF Posted September 22, 2008 Share Posted September 22, 2008 I need session start there though as I only want them logged in if they get the username and password right. **Not no to slapdashgrim, he beat me to the post** No, SESSIONS are used for many things. They are used to track guests, page views, you can log how long people are staying at your site, security tokens, user authentication and more. When I work on my app that users inter act with, I use the session to store their User ID, User Name, Login Time, Their Power level (then match with DB) and a few other things if needed. So if the user is not logged in, you can create a variable say UserLoggedIn and have it equal FALSE if they are not or TRUE if they are. This also adds a little more security. Link to comment https://forums.phpfreaks.com/topic/125336-php-redirect-after-processing-form/#findComment-647846 Share on other sites More sharing options...
jonsjava Posted September 22, 2008 Share Posted September 22, 2008 decided to clean up the code some more (to make it run faster): <?php session_start(); if (!$dbcnx) { echo "<P>Unable to connect to the database server at this time.</P>"; exit(); } if (isset($_POST['username']) && isset($_POST['password'])){ $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $query = "SELECT `username` FROM `users` WHERE `username` = '$username' AND `password`='$password' LIMIT 1;"; $result = mysql_query($query); $row = mysql_fetch_assoc($result); $user = mysql_num_rows($result); if ($user == 1) { $_SESSION['auth'] = 1; $_SESSION['username'] = $username; header('Location: http://www.thegamerspad.com/members.php'); } else { echo "Invalid Sorry"; } } else { echo "You Did Not Enter a Username/Password"; } ?> Link to comment https://forums.phpfreaks.com/topic/125336-php-redirect-after-processing-form/#findComment-647850 Share on other sites More sharing options...
jonsjava Posted September 22, 2008 Share Posted September 22, 2008 So if the user is not logged in, you can create a variable say UserLoggedIn and have it equal FALSE if they are not or TRUE if they are. This also adds a little more security. you don't need to create the variable, until it is true. this way, you can say: <?php if ($_SESSION['is_logged_in']){ //bleh } else{ //blah } ?> if a variable has a value, it is taken to be true. If it doesn't, it's taken as false Link to comment https://forums.phpfreaks.com/topic/125336-php-redirect-after-processing-form/#findComment-647855 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.