another header problem

[jeff5656]

If only php did re-directs there wouldn't be a sticky dedicated to this problem.  Anyway I have page1 and it has an include.  This page1 NEEDS a header for various reason like having <script> etc.  The include file, page2 ALSO needs a header - it is the main login page.  It ALSO needs to echo things out to the user.  Because of this, when the uer types in the corret password, they are brought bck to page1 and then I get the "header already sent" error!

How do I solve this problem?  Is there  PHP solution?  Why can't it be smart enough to remember the page1 header info when it goes off and does an Include?  The way it is now, I can't include a file if it has a header and echos output??

 

I am hoping the solution is not to do a major rewrite of the code so the include file doesn't have any echoes.  Unless I am missing something, this seems to be a major flaw in how PHP works.

[DEVILofDARKNESS]

If you are able to do the redirect above the html, it should work

<?php
header('location:./page1.php');
?>
<html>
...
</html>

[jeff5656]

I I re-direct (on page2) above the HTML, won't it redirect before page2 executes?

[DEVILofDARKNESS]

I can't say much without the source-code,

can you show it to us?

[jeff5656]

Page1

<?php
require "secure-admin.php";
$cookiename	= 'delcookie';

//include "dateheader.php"; 
include "connectdb.php"; ?>
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Patient Encounter List</title>
<script type="text/javascript" src="../consults/formvalidator.js"></script>
<script type="text/javascript">
<!--
function check(formname, submitbutton) {
  var errors = '';
  
  errors += checkText(formname, 'close_reason', 'Close reason');
  errors += checkText(formname, 'mypassword', 'Password');
  
  
  return checkThisForm(formname, submitbutton, errors);
}

//-->
</script>

<link href="../consults/stylesheets/table_design.css" rel="stylesheet" type="text/css">
</head>

<table border="1">
etc.

 

secure-admin.php:

<?php

/* Config Section */

$pass		= 'test-pw';				// Set the password.
$cookiename	= 'delcookie';				// Optional change: Give the cookie a name. Default is cmecookie
$expirytime	= time()+3600;				// Optional change: Set an expiry time for the password (in seconds). Default is 1 hour. time()+3600
$msg		= 'Password incorrect.';	// Optional change: Error message displayed when password is incorrect. Default is "Password incorrect".

/* End Config */

/* Logout Stuff -*/

if (isset($_REQUEST['logout'])) {
setcookie($cookiename,'',time() - 3600);							// remove cookie/password
if (substr($_SERVER['REQUEST_URI'],-12)=='?logout=true') {			// if there is '?logout=true' in the URL
	$url=str_replace('?logout=true','',$_SERVER['REQUEST_URI']);	// remove the string '?logout=true' from the URL
	header('Location: '.$url);										// redirect the browser to original URL
}
show_login_page('');

}

$logout_button='<form action="'.$_SERVER['REQUEST_URI'].'" method="post"><input type="submit" name="logout" value="Logout" /></form>';
$logout_text='<a href="'.$_SERVER['REQUEST_URI'].'?logout=true">Logout</a>';

/* End Logout Stuff */

/* FUNCTIONS */
$encrypt_pass=md5($pass);	// encrypt password

function setmycookie() {
global $cookiename,$encrypt_pass,$expirytime;
setcookie($cookiename,$encrypt_pass,$expirytime);
}	

function show_login_page($msg) {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Authorization Required</title>
<style type="text/css">
<!--
.error {color:#A80000}
body {font:90% Verdana, Arial, sans-serif;color:#404040}
#wrapper {width:800px;margin:0 auto;border:1px solid #606060}
#main {text-align:center;padding:15px}
#header {
font:bold 130% Verdana, Arial, sans-serif;
color:#DDDDDD;
width:100%;
height:5em;
text-align:center;
line-height:5em;
background-color: #0066CC;
}
#mid {margin:2em 0 2em 0}
#footer {font-size:75%;text-align:center;width:100%}
input {border:1px solid #606060; background: #DDDDDD}
-->
</style>
<SCRIPT TYPE="text/javascript">
<!--
function popup(mylink, windowname)
{
if (! window.focus)return true;
var href;
if (typeof(mylink) == 'string')
   href=mylink;
else
   href=mylink.href;
window.open(href, windowname, 'width=400,height=200,scrollbars=yes');
return false;
}
//-->
</SCRIPT>

</head>
<body>
<div id="wrapper">
<div id="header">Administration Access</div>
<div id="main">
<div id="mid">
	<p><u><strong>Clearance for permanent deleting of  records</strong></u><br />
   </p><br />

	<form action="" method="POST">
		Password: <input type="password" name="password" size="20"> 
		<input type="submit" value="Login">
		<input type="hidden" name="sub" value="sub">
	</form>
	<div class=error><?php echo $msg; ?></div>
</div>
</div>
</div>
<div id="footer">For login-in issues contact <a href="../consults/contact.htm"  onClick="return popup(this, 'notes')">s </a> Copyright © 2008.</div>
</body>
</html>
<?php }

/* END FUNCTIONS */

$errormsg='';
if (substr($_SERVER['REQUEST_URI'],-7)!='secure.php') {// if someone tries to request sas.php
if (isset($_POST['sub'])) {						// if form has been submitted
	$submitted_pass=md5($_POST['password']);	// encrypt submitted password
	if ($submitted_pass<>$encrypt_pass) {		// if password is incorrect
		$errormsg=$msg;
		show_login_page($errormsg);
		exit();
	} else {									// if password is correct
		setmycookie();
		?>
            <p>Delete privileges are active!</p>
            <p>
		<a href="displayactive.php">Return to active list</a></p>
		<p>
		<a href="displaysignoff.php">Return to signoff list</a></p>
            <p><a href="adminheader.php">Goto Admin Panel</a></p>
		<?php
	}
} else {
	if (isset($_COOKIE[$cookiename])) {			// if cookie isset
		if ($_COOKIE[$cookiename]==$encrypt_pass) {	// if cookie is correct
		   echo "You may now delete records" . "<br>";
		   ?><a href="displayactive.php">Go to active list</a><br />
               <a href="displaysignoff.php">Go to signoff list</a>
               
               <?php
		} else {								// if cookie is incorrect
			show_login_page($errormsg);
			exit();
		}
	} else {									// if cookie is not set
		show_login_page($errormsg);
		exit();
	}
}
} else {
echo 'Try requesting demo.php';
}
?>

[DEVILofDARKNESS]

You should do your form validation before the actually html, like I said.

This Will happen:

 

-I visit the page

-Print form(1)

-I click on Login (in form1)

-the page reloads itself

-Print the form(2)

-do validation of form(1) <- error because the headers already are sent (form2)

 

if the validation happens before printing the form, you can send your headers

[jeff5656]

I apologize for not figuring out how exactly I accomplish that, given the way my code is.  Can you give me a hint as to specifically how I modify form2 (or is it form1) so that this works?  Both forms have echoes so I can't echo something before the header can I?  So then I am not sure how to accomplish what you say I need to do.

[DEVILofDARKNESS]

Alright I will try it again

 

your form is echoe'd before the php code,

this causes that the php can't send anything from headers,

 

the only thing you have to do is, to copy-paste your form-validation-code above the html

 

<?php
//CODE HERE
?>
<html>
...
<form>

[jeff5656]

I am trying to apply the generic instructions to my specific problem so I;m sorry still have questions.  I took all the HTML and put it below all the php code, as you said and now when I load page1, the screen is blank.  Here; what I did:

<?php

/* Config Section */

$pass		= 'admin';				// Set the password.
$cookiename	= 'delcookie';				// Optional change: Give the cookie a name. Default is cmecookie
$expirytime	= time()+3600;				// Optional change: Set an expiry time for the password (in seconds). Default is 1 hour. time()+3600
$msg		= 'Password incorrect.';	// Optional change: Error message displayed when password is incorrect. Default is "Password incorrect".

/* End Config */

/* Logout Stuff - Sept 5, 2005 */

if (isset($_REQUEST['logout'])) {
setcookie($cookiename,'',time() - 3600);							// remove cookie/password
if (substr($_SERVER['REQUEST_URI'],-12)=='?logout=true') {			// if there is '?logout=true' in the URL
	$url=str_replace('?logout=true','',$_SERVER['REQUEST_URI']);	// remove the string '?logout=true' from the URL
	header('Location: '.$url);										// redirect the browser to original URL
}
show_login_page('');

}

$logout_button='<form action="'.$_SERVER['REQUEST_URI'].'" method="post"><input type="submit" name="logout" value="Logout" /></form>';
$logout_text='<a href="'.$_SERVER['REQUEST_URI'].'?logout=true">Logout</a>';

/* End Logout Stuff */

/* FUNCTIONS */
$encrypt_pass=md5($pass);	// encrypt password

function setmycookie() {
global $cookiename,$encrypt_pass,$expirytime;
setcookie($cookiename,$encrypt_pass,$expirytime);
}	

function show_login_page($msg) {
?>

<head>
<title>Authorization Required</title>
<style type="text/css">
<!--
.error {color:#A80000}
body {font:90% Verdana, Arial, sans-serif;color:#404040}
#wrapper {width:800px;margin:0 auto;border:1px solid #606060}
#main {text-align:center;padding:15px}
#header {
font:bold 130% Verdana, Arial, sans-serif;
color:#DDDDDD;
width:100%;
height:5em;
text-align:center;
line-height:5em;
background-color: #0066CC;
}
#mid {margin:2em 0 2em 0}
#footer {font-size:75%;text-align:center;width:100%}
input {border:1px solid #606060; background: #DDDDDD}
-->
</style>
<SCRIPT TYPE="text/javascript">
<!--
function popup(mylink, windowname)
{
if (! window.focus)return true;
var href;
if (typeof(mylink) == 'string')
   href=mylink;
else
   href=mylink.href;
window.open(href, windowname, 'width=400,height=200,scrollbars=yes');
return false;
}
//-->
</SCRIPT>

</head>

<?php }

/* END FUNCTIONS */

$errormsg='';
if (substr($_SERVER['REQUEST_URI'],-7)!='secure.php') {// if someone tries to request sas.php
if (isset($_POST['sub'])) {						// if form has been submitted
	$submitted_pass=md5($_POST['password']);	// encrypt submitted password
	if ($submitted_pass<>$encrypt_pass) {		// if password is incorrect
		$errormsg=$msg;
		show_login_page($errormsg);
		exit();
	} else {									// if password is correct
		setmycookie();
		?>
            <p>Delete privileges are active!</p>
            <p>
		<a href="displayactive.php">Return to active list</a></p>
		<p>
		<a href="displaysignoff.php">Return to signoff list</a></p>
            <p><a href="adminheader.php">Goto Admin Panel</a></p>
		<?php
	}
} else {
	if (isset($_COOKIE[$cookiename])) {			// if cookie isset
		if ($_COOKIE[$cookiename]==$encrypt_pass) {	// if cookie is correct
		   echo "You may now delete records" . "<br>";
		   ?><a href="displayactive.php">Go to active list</a><br />
               <a href="displaysignoff.php">Go to signoff list</a>
               
               <?php
		} else {								// if cookie is incorrect
			show_login_page($errormsg);
			exit();
		}
	} else {									// if cookie is not set
		show_login_page($errormsg);
		exit();
	}
}
} else {
echo 'Try requesting demo.php';
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<body>
<div id="wrapper">
<div id="header">Administration Access</div>
<div id="main">
<div id="mid">
	<p><u><strong>Clearance for permanent deleting of  records</strong></u><br />
   </p><br />

	<form action="" method="POST">
		Password: <input type="password" name="password" size="20"> 
		<input type="submit" value="Login">
		<input type="hidden" name="sub" value="sub">
	</form>
	<div class=error><?php echo $msg; ?></div>
</div>
</div>
</div>
<div id="footer">For login-in issues contact <a href="../consults/contact.htm"  onClick="return popup(this, 'notes')">Jeff Jennings </a> Copyright © 2008.</div>
</body>
</html>