evado Posted October 29, 2011 Share Posted October 29, 2011 Hi, I read the HEADER advice on the forum but I think that I still need help to figure out what I am doing wrong with header("location: page_to_load"). In local, the redirection works without problems. When I test online on a free server (p4o.net), it works fine; but when I test it on the paid server (mediaserve.com), the redirect loads a blank page. After the blank page is loaded, I manually load the protected page (MyAccount.php) and all the information were displayed successfuly. I logged out and signed in with wrong credential. The result is a blank page. I manually loaded MyAccount.php again and I had "Access denied". I then concluded that the redirection deos not work. Is there any work arround for this situation? Please help. Thanks Login.php <form id="login" method="POST" action="handlers/login_handler.php"> <strong>Username</strong> <input name="TextBoxEmailAdress" type="text" id="TextBoxEmailAddress" /> <strong>Password</strong> <input name="TextBoxPassword" type="password" id="TextBoxPassword" /> <input name="ButtonSubmit" value="Login" id="ButtonSubmit" type="submit" /> </form> login_handler.php <?php ob_start(); //Start session session_start(); //Include database connection details require_once('../includes/WebConfig.php'); //Array to store validation errors $errmsg_arr = array(); //Validation error flag $errflag = false; //Function to sanitize values received from the form. Prevents SQL injection function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } //Sanitize the POST values $Var_EmailAddress = clean($_POST['TextBoxEmailAddress']); $Var_Password1 = clean($_POST['TextBoxPassword']); //Input Validations if($Var_EmailAddress== '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($Var_Password1== '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } //If there are input validations, redirect back to the login form if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: ../index.php?PageId=login"); exit(); } //Create query $Var_Password1 = md5($Var_Password1); $query="SELECT * FROM $tbl_member WHERE EmailAddress='$Var_EmailAddress' AND Password1='$Var_Password1'"; $result=mysql_query($query); //Check whether the query was successful or not if($result) { if(mysql_num_rows($result) == 1) { //Login Successful session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['Member_Id']; $_SESSION['SESS_FIRST_NAME'] = $member['FirstName']; $_SESSION['SESS_LAST_NAME'] = $member['LastName']; $_SESSION['SESS_EMAIL_ADDRESS'] = $member['EmailAddress']; $_SESSION['SESS_ADMIN_ROLE'] = $member['AdminRole']; $_SESSION['SESS_CONTRIB_EMAIL'] = ""; session_write_close(); header("location: ../MyAccount.php"); exit(); } else { //Login failed header("location: ../index.php?PageId=login-failed"); exit(); } } else { //echo "mysql error: " .mysql_error(); //echo "<br> mysql error number: " .mysql_errno(); //die("Query failed"); //Login failed header("location: ../index.php?PageId=login-failed"); } ?> Quote Link to comment https://forums.phpfreaks.com/topic/250062-how-can-i-solve-this-header-rediction-issue/ Share on other sites More sharing options...
jcbones Posted October 29, 2011 Share Posted October 29, 2011 You need to de-bug the files. error_reporting(-1); ini_set('display_errors',1); Quote Link to comment https://forums.phpfreaks.com/topic/250062-how-can-i-solve-this-header-rediction-issue/#findComment-1283294 Share on other sites More sharing options...
evado Posted October 29, 2011 Author Share Posted October 29, 2011 Thanks for that quick reply. I added the code you provided as followed in the login_handler.php: <?php ob_start(); error_reporting(-1); ini_set('display_errors',1); //Start session session_start(); //Include database connection details require_once('../includes/WebConfig.php'); //Array to store validation errors $errmsg_arr = array(); //Validation error flag $errflag = false; //Function to sanitize values received from the form. Prevents SQL injection function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } //Sanitize the POST values $Var_EmailAddress = clean($_POST['TextBoxEmailAddress']); $Var_Password1 = clean($_POST['TextBoxPassword']); //Input Validations if($Var_EmailAddress== '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($Var_Password1== '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } //If there are input validations, redirect back to the login form if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: ../index.php?PageId=login"); exit(); } //Create query $Var_Password1 = md5($Var_Password1); $query="SELECT * FROM $tbl_member WHERE EmailAddress='$Var_EmailAddress' AND Password1='$Var_Password1'"; $result=mysql_query($query); //Check whether the query was successful or not if($result) { if(mysql_num_rows($result) == 1) { //Login Successful session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['Member_Id']; $_SESSION['SESS_FIRST_NAME'] = $member['FirstName']; $_SESSION['SESS_LAST_NAME'] = $member['LastName']; $_SESSION['SESS_EMAIL_ADDRESS'] = $member['EmailAddress']; $_SESSION['SESS_ADMIN_ROLE'] = $member['AdminRole']; $_SESSION['SESS_CONTRIB_EMAIL'] = ""; session_write_close(); header("location: ../MyAccount.php"); exit; } else { //Login failed header("location: ../index.php?PageId=login-failed"); exit; } } else { //echo "mysql error: " .mysql_error(); //echo "<br> mysql error number: " .mysql_errno(); //die("Query failed"); //Login failed header("location: ../index.php?PageId=login-failed"); } ?> After executing, I got the following warnings: Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /handlers/login_handler.php:2) in /handlers/login_handler.php on line 7 The line 7 is session_start(); Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /handlers/login_handler.php:2) in /handlers/login_handler.php on line 7 The line 7 is session_start(); Warning: session_regenerate_id() [function.session-regenerate-id]: Cannot regenerate session id - headers already sent in /handlers/login_handler.php on line 60 The line 60 is session_regenerate_id(); Warning: Cannot modify header information - headers already sent by (output started at /handlers/login_handler.php:2) in /handlers/login_handler.php on line 70 The line 70 is header("location: ../MyAccount.php"); FYI the login_handler.php does not contain any html tags. It is exactly what I posted. MyAccount.php deos containt html tags. I did not output anything before using Header. I'm getting confused here. Help please. Quote Link to comment https://forums.phpfreaks.com/topic/250062-how-can-i-solve-this-header-rediction-issue/#findComment-1283302 Share on other sites More sharing options...
jcbones Posted October 29, 2011 Share Posted October 29, 2011 You need to make sure there are no spaces before or after your PHP tags, and if the script is UTF-8 encoded, make sure there is no BOM (byte-order-mark) at the beginning of the page. PHP see's all of that as output. Quote Link to comment https://forums.phpfreaks.com/topic/250062-how-can-i-solve-this-header-rediction-issue/#findComment-1283311 Share on other sites More sharing options...
evado Posted October 29, 2011 Author Share Posted October 29, 2011 There was a blank line before the "<?php" and a space after the "?>". By deleting them, the page displayed. Thanks for your help. Quote Link to comment https://forums.phpfreaks.com/topic/250062-how-can-i-solve-this-header-rediction-issue/#findComment-1283313 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.