Jump to content

Flow of the page using required a page

Shadowing

By Shadowing
in PHP Coding Help

 Share

Recommended Posts

Shadowing Advanced Member

Shadowing

Posted
Posted

I'm having a issue at the moment where my required page is being read when it shouldnt be. This if statement is true to where the first header in the if statement activates header("Location: forgotpassword.php");

 

but yet for some reason it reads the required safe page at the very bottom. if i disable the required safe.php the header works.

 

Does required files not work with the flow of a page or something? Cause thats what appears to be going on here.

 

	// if npd is in the link the the user access the page from a link in their email cause they forgot their password
if (isset($_GET['npd']) && (!isset($_SESSION['user_id']))) {
					// grabs user name and password from the link then seperates it into an array
				$seperate = explode("-", $_GET['npd']);

		$link_name = $seperate[0];
		$forgotpd = $seperate[1];
							// checks if username matches a deleted or banned account
				$count3 = "SELECT forgotpd FROM users WHERE name= '".mysql_real_escape_string($link_name)."' AND forgotpd= '".mysql_real_escape_string($forgotpd)."'";
				$count2 = mysql_query($count3) or die(mysql_error());
				$count1 = mysql_num_rows($count2);
  
	if($count1 < 1){

		$_SESSION['mycache'] = "That recovery password link has already been used. If you didnt change your password after reseting your password then you will need to reset it again."; 
		header("Location: forgotpassword.php");
	}else{

			// Search the database and get the password, id, and login ip that belongs to the name in the username field.
			$users3 = "SELECT login_ip,goauld,id FROM users WHERE name= '".mysql_real_escape_string($link_name)."' AND forgotpd= '".mysql_real_escape_string($forgotpd)."'"; 
			$users2 = mysql_query($users3) or die(mysql_error());
			$users1 = mysql_fetch_array($users2); 


				// checks to see if the login ip has an ip already 								
	if(empty($users1['login_ip'])){ 
		$users1['login_ip'] = $_SERVER['REMOTE_ADDR'];
	}

				// if the ip is different from the ip that is on the database it will store it	
   				$ip_information = explode("-", $users1['login_ip']); 

	if (in_array($_SERVER['REMOTE_ADDR'], $ip_information)) {
		$users1['login_ip'] = $users1['login_ip'];

		} else {

		$users1['login_ip'] = $users1['login_ip']."-".$_SERVER['REMOTE_ADDR'];	
	}	
			// creates session for user id and login time	
			$_SESSION['user_id'] = $users1['id'];// stores the id of the user
			$_SESSION['goauld'] = $users1['goauld'];
			$_SESSION['login_time'] = time(); // stores the log in time of the user

	$forgotpd= "UPDATE users SET password = '".mysql_real_escape_string($forgotpd)."' , login_count= login_count+1 , userip='".($_SERVER['REMOTE_ADDR'])."', login_ip='".($users1['login_ip'])."' , forgotpd= '' WHERE name= '".mysql_real_escape_string($link_name)."' AND forgotpd = '".mysql_real_escape_string($forgotpd)."'";
	mysql_query($forgotpd) or die(mysql_error());

$_SESSION['mycache'] = "Your password has been reset. You will need to change your password in order to log in again in the future.";	

		header("Location: account_settings.php");
}
}


require("safe.php");

Link to comment
https://forums.phpfreaks.com/topic/257737-flow-of-the-page-using-required-a-page/
Share on other sites
Pikachu2000 Prolific Member

Pikachu2000

Posted
Posted

Anytime you use a header() redirect, you need to follow it immediately with exit(); to prevent further execution of code in the script. Try that and see if the problem persists.

Shadowing Advanced Member

Shadowing

Posted
  • Author
Posted

Oh wow. yah that fixed it.

 

thats crazy i never ran into issues like this before. wow i need to go over 30 pages and add that to all headers. I think i never came accross this issue cause i rarely take advantage of the page flow to where id make things activate in order.

 

thanks alot for the help

Shadowing Advanced Member

Shadowing

Posted
  • Author
Posted

lol now im trying to think of ways i can take advantage of that in the future. letting me issue a header and still let it read true statements on the rest of the page.  Cant believe all this time i thought header was a complete future code stop

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.