Jump to content

Archived

This topic is now archived and is closed to further replies.

Ninjakreborn

headers already sent(but it worked before)

Recommended Posts

I am trying to redirect someone to another location after they login.  I need it to do what it needs to do, and redirect them back to the homepage, set on what school they are suppose to, so I have to pass school through it
header("Location: index.php?school={$_SESSION[schoolaccess]}");
That is what I have, but it is saying header allready sent,  I thought the location header could be sent anywhere??

Share this post


Link to post
Share on other sites
The thing is I thought you could use redirect anywhere.  Like in the middel of a page, if they do something it redirects them somewhere, I thought this could be used pretty much anywhere, to change them to other pages, when something happens. 
[code]<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<?php
include './includes/meta.inc.php'; // includes meta tags, stylesheet, and javascript inclusion
?>
</head>
<body>
<div id="wrap">
<?php
include './includes/header.inc.php'; // inserts header, logo, and everything up there
?>
    <br style="clear: both;" />

<?php
include './includes/leftnav.inc.php'; // inserts left navigation
?>

    <div id="content">

        <div id="processor">
<h3>Sign Up Completion</h3>
<?php
// signing into database, and preparing for validation and entry
mysql_connect("mysql185.secureserver.net", "#####", "######");
mysql_select_db("joyel");

// Get information from database to work with
$errorhandler = "";
$username = mysql_real_escape_string($_POST['username']);
$username = strtolower($username);
$password = mysql_real_escape_string($_POST['password']);
$password = strtolower($password);
if ($username == "") {
$errorhandler .= "The Login Username was left blank.<br />";
}
if ($password == "") {
$errorhandler .= "The password was left blank.<br />";
}
if ($errorhandler != "") {
echo "<span class=\"spanred\">";
echo $errorhandler;
echo "</span>";
}

if ($errorhandler == "") {
$password = md5($password);
$selectemail = "SELECT * FROM userinfo WHERE email = '$username';";
$queryemail = mysql_query($selectemail);
if ($rowemail = mysql_fetch_array($queryemail)) { // checks if email exists
$selectpass = "SELECT * FROM userinfo WHERE email = '$username' AND password =
'$password';";
$querypass = mysql_query($selectpass);
if ($rowpass = mysql_fetch_array($querypass)) {
$_SESSION['username'] = $rowpass['email'];
$_SESSION['schoolaccess'] = $rowpass['schoolname'];
$_SESSION['controller'] = true;
$_SESSION['ipaddress'] = $_SERVER['REMOTE_ADDR'];
$_SESSION['lastlogin'] = date("m/d/y");
$url = "http://www.thecampussource.com/index.php?school={$_SESSION['schoolaccess']}";
header("Location: {$url}");
}else {
// Send email to account owner, notifying him of date and time of attempted access
// With improper password to his/or her account
echo "You have attempted an unauthorized access.<br />";
echo "If you are not the user of this account, please discontinue this activity ";
echo "immediately.";
echo "The original account owner was sent all of your computer information.  If they.";
echo "Report the unauthorized attempt to administration you will be banned from the ";
echo "site for an indefinite period of time.";
$to = "{$rowemail[email]}";
$subject = "www.thecampussource.com: Security Issue";
$newdate = date("m/d/y");
$newtime = time();
$message = "
  There has been a possible unauthorized attempt on your account.  Someone attempted to access your account via your email address, however they provided the wrong credentials.  The following information was information we were able to recover from the attempted entry.  If you are wondering whether or not this was you, please compare this IP number with your IP number for a match, if there was no match, then please contact administration, with the IP number of the person who attempted unauthorized access, with a forwarded version of this email, and we will investigate, and possible ban that user from the site.
IP Address: {$_SERVER['REMOTE_ADDR']}
Possible Browser: {$_SERVER['HTTP_USER_AGENT']}
Date of Attempt: {$newdate}
Possible Time Of Attempt: {$newtime}
";
$headers = "From: Administrator@thecampussource.com";
mail($to, $subject, $message, $headers);
} // end security measure

}else {
echo "There is no point in continuing with the process.  your email does not exist ";
echo "within our database.  Please double check your email address, register, or contact ";
echo "support if you feel you recieved this message in error.<br />";
}
} // close error handler check

?>




        </div>

    </div>
<?php
include './includes/banner.inc.php'; // includes the banner, randomly selected from a database
?>

<?php
include './includes/footer.inc.php'; // includes the page footer, bottom navigation copyright
?>
</div>
</body>
</html>[/code]

Share this post


Link to post
Share on other sites
Ok what's going on, I can't even use location when I try and do a logout with session destroy something is messed up here, what in my php ini might affect this, can someone help, I am having to do everything were they click on a link instead of automatically redirecting.

Share this post


Link to post
Share on other sites
well I guess that will have to do, for the logout, I got it working with just

[code]<?php
session_start();
session_destroy();
header("location: /index.php");
?>[/code]

For my other page, I just settled for the, finish the process type of setup.

[code]<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<?php
include './includes/meta.inc.php'; // includes meta tags, stylesheet, and javascript inclusion
?>
</head>
<body>
<div id="wrap">
<?php
include './includes/header.inc.php'; // inserts header, logo, and everything up there
?>
    <br style="clear: both;" />

<?php
include './includes/leftnav.inc.php'; // inserts left navigation
?>

    <div id="content">

        <div id="processor">
<h3>Sign Up Completion</h3>
<?php
// signing into database, and preparing for validation and entry
mysql_connect("mysql185.secureserver.net", "#####", "#####");
mysql_select_db("joyel");

// Get information from database to work with
$errorhandler = "";
$username = mysql_real_escape_string($_POST['username']);
$username = strtolower($username);
$password = mysql_real_escape_string($_POST['password']);
$password = strtolower($password);
if ($username == "") {
$errorhandler .= "The Login Username was left blank.<br />";
}
if ($password == "") {
$errorhandler .= "The password was left blank.<br />";
}
if ($errorhandler != "") {
echo "<span class=\"spanred\">";
echo $errorhandler;
echo "</span>";
}

if ($errorhandler == "") {
$password = md5($password);
$selectemail = "SELECT * FROM userinfo WHERE email = '$username';";
$queryemail = mysql_query($selectemail);
if ($rowemail = mysql_fetch_array($queryemail)) { // checks if email exists
$selectpass = "SELECT * FROM userinfo WHERE email = '$username' AND password =
'$password';";
$querypass = mysql_query($selectpass);
if ($rowpass = mysql_fetch_array($querypass)) {
$_SESSION['username'] = $rowpass['email'];
$_SESSION['schoolaccess'] = $rowpass['schoolname'];
$_SESSION['controller'] = true;
$_SESSION['ipaddress'] = $_SERVER['REMOTE_ADDR'];
$_SESSION['lastlogin'] = date("m/d/y");
echo "<p>Please finish the login process by clicking the link below.</p><br />";
echo "<a href=\"/index.php?school={$_SESSION[schoolaccess]}\" title=\"Finish Login\">Finish Login Process</a>";
}else {
// Send email to account owner, notifying him of date and time of attempted access
// With improper password to his/or her account
echo "You have attempted an unauthorized access.<br />";
echo "If you are not the user of this account, please discontinue this activity ";
echo "immediately.";
echo "The original account owner was sent all of your computer information.  If they.";
echo "Report the unauthorized attempt to administration you will be banned from the ";
echo "site for an indefinite period of time.";
$to = "{$rowemail[email]}";
$subject = "www.thecampussource.com: Security Issue";
$newdate = date("m/d/y");
$newtime = time();
$message = "
  There has been a possible unauthorized attempt on your account.  Someone attempted to access your account via your email address, however they provided the wrong credentials.  The following information was information we were able to recover from the attempted entry.  If you are wondering whether or not this was you, please compare this IP number with your IP number for a match, if there was no match, then please contact administration, with the IP number of the person who attempted unauthorized access, with a forwarded version of this email, and we will investigate, and possible ban that user from the site.
IP Address: {$_SERVER['REMOTE_ADDR']}
Possible Browser: {$_SERVER['HTTP_USER_AGENT']}
Date of Attempt: {$newdate}
Possible Time Of Attempt: {$newtime}
";
$headers = "From: Administrator@thecampussource.com";
mail($to, $subject, $message, $headers);
} // end security measure

}else {
echo "There is no point in continuing with the process.  your email does not exist ";
echo "within our database.  Please double check your email address, register, or contact ";
echo "support if you feel you recieved this message in error.<br />";
}
} // close error handler check

?>




        </div>

    </div>
<?php
include './includes/banner.inc.php'; // includes the banner, randomly selected from a database
?>

<?php
include './includes/footer.inc.php'; // includes the page footer, bottom navigation copyright
?>
</div>
</body>
</html>[/code]

Also, you know, if anyone has any advice, on how I can make that login processor page redirect automatically back to the homepage, and have it work, It would be greatly appreciated, but if not I can live with this.

Share this post


Link to post
Share on other sites
You can use the output buffer.

headers can't be modified after they're sent, but you can determine WHEN they're sent.

[b]WONT WORK[/b]
[code]
<html>
<? header("location:page.html"); ?>
[/code]

[b]WILL WORK[/b]
[code]
<? ob_start(); ?>
<html>
<? header("location:page.html"); ?>
<? ob_end_flush(); ?>
[/code]

There is more to know on output buffers, I suggest you give it a read. Also, when you change the page location, the first page will finish processing. Make sure to put an exit(); after your header if you dont want that to happen.

Share this post


Link to post
Share on other sites
put an 'exit' after a header("Location: blah") call. someone will need to put this into better words ,but these header redirects dont occur until the script ends.

[code]
header("Location: /somewhere.php");
exit;
[/code]
output buffering works, but in many cases its used too often to patch up sloppy code.

otherwise, i'm sure youve been around long enough to have read: http://www.phpfreaks.com/forums/index.php/topic,37442.0.html

cheers
Mark

[b]edit[/b]: sorry bholbrook, missed this:
[quote]
Also, when you change the page location, the first page will finish processing. Make sure to put an exit(); after your header if you dont want that to happen.
[/quote]

Share this post


Link to post
Share on other sites
[quote]The thing is I thought you could use redirect anywhere.[/quote]
You thought wrong. There is a stick in the [url=http://www.phpfreaks.com/forums/index.php/topic,95562.0.html]FAQ/Code snippet repository[/url], read it.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.