mds1256 Posted August 13, 2012 Share Posted August 13, 2012 Looking to redirect my user to a new page after successfully logging in via a form. I have refactored my code slightly to cut down on unnecessary code so the I was doing it no longer works (getting the headers already sent error), I know why this is happening but I need some ideas on how I can now achieve this? Any ideas would be great. function loginForm() { $displayForm = true; $error = ""; $username = ""; if(isset($_POST['signInSubmit'])) { $username = mysqli_real_escape_string(cf_dbConnect(), $_POST['username']); $password = mysqli_real_escape_string(cf_dbConnect(), $_POST['password']); $query = mysqli_query(cf_dbConnect(), "call sp_checkLoginDetails('{$username}', '{$password}')"); if(mysqli_num_rows($query) == 1) { $_SESSION['isLoggedIn'] = true; while($row = mysqli_fetch_object($query)) { $_SESSION['firstName'] = $row->firstName; } mysqli_query(cf_dbConnect(), "call sp_updateLoginDateTime('{$_SESSION['firstName']}')"); header("Location: ."); // this is the point where the headers are already sent I know why this happens, need an alternative way } else { $error = "<div id=\"formMessages\">Username or Password is incorrect. Please try again.</div>"; } } if($displayForm) { echo " <form name=\"signInForm\" id=\"signInForm\" method=\"post\" action=\"\"> <label for=\"username\">Username:</label><br /> <input type=\"text\" name=\"username\" id=\"signInFormUsername\" class=\"formField\" value=\"{$username}\" /><br /><br /> <label for=\"password\">Password:</label><br /> <input type=\"password\" name=\"password\" id=\"signInFormPassword\" class=\"formField\" /><br /><br /> <input type=\"submit\" id=\"signInSubmit\" name=\"signInSubmit\" value=\"Login\" /> </form> <br /> {$error} "; } } Quote Link to comment Share on other sites More sharing options...
floridaflatlander Posted August 13, 2012 Share Posted August 13, 2012 Do you have any white space in the html before you call the function? Have you already sent the header like ... include('header.php'); before the function loginForm. Quote Link to comment Share on other sites More sharing options...
mds1256 Posted August 13, 2012 Author Share Posted August 13, 2012 I know why its doing it as I am calling the header etc. e.g. <?php require_once('header.php'); ?> <p>some general login text here.....</p> <?php loginForm(); ?> Quote Link to comment Share on other sites More sharing options...
Jessica Posted August 13, 2012 Share Posted August 13, 2012 I suggest you read about templating systems IE Smarty, and try to incorporate one. The way you're doing it, by having a function echo HTML, goes against the idea of separating business/logic from presentation. Quote Link to comment Share on other sites More sharing options...
floridaflatlander Posted August 13, 2012 Share Posted August 13, 2012 Is this someone else's code? Play with it some, $displayForm = true; $error = ""; $username = ""; if(isset($_POST['signInSubmit'])) { $username = mysqli_real_escape_string(cf_dbConnect(), $_POST['username']); $password = mysqli_real_escape_string(cf_dbConnect(), $_POST['password']); $query = mysqli_query(cf_dbConnect(), "call sp_checkLoginDetails('{$username}', '{$password}')"); if(mysqli_num_rows($query) == 1) { $_SESSION['isLoggedIn'] = true; while($row = mysqli_fetch_object($query)) { $_SESSION['firstName'] = $row->firstName; } mysqli_query(cf_dbConnect(), "call sp_updateLoginDateTime('{$_SESSION['firstName']}')"); header("Location: ."); // this is the point where the headers are already sent I know why this happens, need an alternative way } else { $error = "<div id=\"formMessages\">Username or Password is incorrect. Please try again.</div>"; } } if($displayForm) { require_once('header.php'); echo " <form name=\"signInForm\" id=\"signInForm\" method=\"post\" action=\"\"> <label for=\"username\">Username:</label><br /> <input type=\"text\" name=\"username\" id=\"signInFormUsername\" class=\"formField\" value=\"{$username}\" /><br /><br /> <label for=\"password\">Password:</label><br /> <input type=\"password\" name=\"password\" id=\"signInFormPassword\" class=\"formField\" /><br /><br /> <input type=\"submit\" id=\"signInSubmit\" name=\"signInSubmit\" value=\"Login\" /> </form> <br /> {$error} "; } Quote Link to comment Share on other sites More sharing options...
mds1256 Posted August 13, 2012 Author Share Posted August 13, 2012 nope, my code.... will give it ago. Quote Link to comment Share on other sites More sharing options...
jazzman1 Posted August 13, 2012 Share Posted August 13, 2012 Have you included cf_dbConnect() in the script ? Quote Link to comment Share on other sites More sharing options...
mds1256 Posted August 13, 2012 Author Share Posted August 13, 2012 Have you included cf_dbConnect() in the script ? Yeah. My whole code is as follows: signin.php <?php require_once('_coreFunctions.php'); // this is where DB functions are e.g. connection etc require_once('_signInFunctions.php'); require_once('header.php'); // this has HTML inside of it e.g. head tag etc ?> <div id="contentBoxWrapper"> <div id="contentBoxTop"> <div id="contentBoxTopInner"><a href="/" class="firstLink">Home</a> <span class="breadcrumbDivider">></span> Sign In<hr /></div> </div> <div id="contentBoxContent"> <div id="signInFormWrapper"> <h1>Sign In</h1> <?php sif_loginForm(); ?> // this is where I call the login form function...... <br /> <a href="resetpassword">Forgotten password?</a> </div> <div id="signInRegisterFormWrapper"> <h1>Register Now</h1> <form name="registerForm" method="post" action=""> <label for="username">Username:</label><br /><input type="text" name="username" class="formField" /><br /><br /> <label for="password">Password:</label><br /><input type="password" name="password" class="formField" /><br /><br /> <input type="submit" value="Register" /> </form> </div> </div> <div id="contentBoxBottom"></div> </div> <?php require_once('footer.php'); ?> _signInFunctions.php <?php require_once('_coreFunctions.php'); function sif_loginForm() { $displayForm = true; $error = ""; $username = ""; if(isset($_POST['signInSubmit'])) { $username = mysqli_real_escape_string(cf_dbConnect(), $_POST['username']); $password = mysqli_real_escape_string(cf_dbConnect(), $_POST['password']); $query = mysqli_query(cf_dbConnect(), "call sp_checkLoginDetails('{$username}', '{$password}')"); if(mysqli_num_rows($query) == 1) { $_SESSION['isLoggedIn'] = true; while($row = mysqli_fetch_object($query)) { $_SESSION['firstName'] = $row->firstName; } mysqli_query(cf_dbConnect(), "call sp_updateLoginDateTime('{$_SESSION['firstName']}')"); header("Location: ."); // this is my redirect part } else { $error = "<div id=\"formMessages\">Username or Password is incorrect. Please try again.</div>"; if($username == "username...") { $username = ""; } } } if($displayForm) { echo " <form name=\"signInForm\" id=\"signInForm\" method=\"post\" action=\"\"> <label for=\"username\">Username:</label><br /> <input type=\"text\" name=\"username\" id=\"signInFormUsername\" class=\"formField\" value=\"{$username}\" /><br /><br /> <label for=\"password\">Password:</label><br /> <input type=\"password\" name=\"password\" id=\"signInFormPassword\" class=\"formField\" /><br /><br /> <input type=\"submit\" id=\"signInSubmit\" name=\"signInSubmit\" value=\"Login\" /> </form> <br /> {$error} "; } } ?> Quote Link to comment Share on other sites More sharing options...
floridaflatlander Posted August 13, 2012 Share Posted August 13, 2012 To me it looks like you're still trying to redirect after you've called your header at require_once('header.php'); & You're calling require_once('_coreFunctions.php'); outside the sif_loginForm function? Quote Link to comment Share on other sites More sharing options...
mds1256 Posted August 13, 2012 Author Share Posted August 13, 2012 To me it looks like you're still trying to redirect after you've called your header at require_once('header.php'); & You're calling require_once('_coreFunctions.php'); outside the sif_loginForm function? Yeah, this is my current code... I cannot seem to find a way to call the function before HTML has been outputted due to the header and where in the HTML this function is being called. I had a bit of a mess about with ob_start() and ob flush and that worked but that is more of a sticking plaster rather than a solution. the _coreFunctions.php is being called in the whole find so it doesnt need to be re-called in the function. Quote Link to comment Share on other sites More sharing options...
floridaflatlander Posted August 13, 2012 Share Posted August 13, 2012 You have your register and login on the same page. I'd take everything out of the function until you get more experience. Also I'd put the register on one page and login in on another page. Quote Link to comment Share on other sites More sharing options...
jazzman1 Posted August 13, 2012 Share Posted August 13, 2012 Your code is a little bit messy. Have you got a real user name ? Put this code inside the while loop: while($row = mysqli_fetch_object($query)) { echo '<pre>'.print_r($row, true).'</pre>'; exit; $_SESSION['firstName'] = $row->firstName; } Quote Link to comment Share on other sites More sharing options...
mds1256 Posted August 13, 2012 Author Share Posted August 13, 2012 Forget about the register form, it doesnt do anything at the moment and is just a placeholder for the form at the moment. the username is an email address. what does that code do? Quote Link to comment Share on other sites More sharing options...
jazzman1 Posted August 13, 2012 Share Posted August 13, 2012 Forget about the register form, it doesnt do anything at the moment and is just a placeholder for the form at the moment. the username is an email address. what does that code do? Keep learning and come back later again. Quote Link to comment Share on other sites More sharing options...
mds1256 Posted August 13, 2012 Author Share Posted August 13, 2012 Keep learning and come back later again. very helpful. The login part works fine, its the re-direct that doesnt.... Like I said forget about the register form at the moment, it has no bearing on what I am trying to achieve. Quote Link to comment Share on other sites More sharing options...
Jessica Posted August 13, 2012 Share Posted August 13, 2012 When you don't know what code does, look it up in the manual. http://php.net/function here. Quote Link to comment Share on other sites More sharing options...
mds1256 Posted August 13, 2012 Author Share Posted August 13, 2012 When you don't know what code does, look it up in the manual. http://php.net/function here. Yeah I know, I didn't mean what does the code do, I know what that part does as I wrote it. What I meant was what is that going to achieve as it doesn't have anything to do with what I am asking. Quote Link to comment Share on other sites More sharing options...
jazzman1 Posted August 13, 2012 Share Posted August 13, 2012 Have you tried dumping the contents of $row? Quote Link to comment Share on other sites More sharing options...
mds1256 Posted August 13, 2012 Author Share Posted August 13, 2012 Have you tried dumping the contents of $row? That part is working so not sure why you keep looking at that part? Quote Link to comment Share on other sites More sharing options...
floridaflatlander Posted August 13, 2012 Share Posted August 13, 2012 forget about the register form at the moment, it has no bearing on what I am trying to achieve. yes does because you're calling the header on the register form. I don't think you know enough to make that statement. Like I said ... I'd take everything out of the function until you get more experience. Also I'd put the register on one page and login in on another page. Quote Link to comment Share on other sites More sharing options...
Christian F. Posted August 13, 2012 Share Posted August 13, 2012 The problem is a very simple one, and explain in the sticky HEADER ERRORS - READ HERE BEFORE POSTING THEM. I recommend doing as the title says. Also: Always use die () after using a header redirect. If you don't, PHP will continue to parse your script all the way to the end, and possibly cause some security issues (or some other damage). Jazzman1: I'm afraid you're barking up the wrong tree on this one, the OP clearly demonstrated the problem in an earlier post. Quote Link to comment Share on other sites More sharing options...
jazzman1 Posted August 14, 2012 Share Posted August 14, 2012 Jazzman1: I'm afraid you're barking up the wrong tree on this one, the OP clearly demonstrated the problem in an earlier post. Aha, now I've got it. He doesn't make the differences between require_once('header.php') and header("Location: .") Quote Link to comment Share on other sites More sharing options...
Christian F. Posted August 14, 2012 Share Posted August 14, 2012 Not quite. The header () call is inside a function that prints the login form, and that function is used where...? Quote Link to comment Share on other sites More sharing options...
mds1256 Posted August 14, 2012 Author Share Posted August 14, 2012 Also: Always use die () after using a header redirect. If you don't, PHP will continue to parse your script all the way to the end, and possibly cause some security issues (or some other damage). Thanks for the tip The sif_loginForm function is used on the signin.php inside the signInFormWrapper DIV I have had a look at that artice and like I say I know why this is happening, just trying to get the best solution? Quote Link to comment Share on other sites More sharing options...
floridaflatlander Posted August 14, 2012 Share Posted August 14, 2012 Play with it some, and I'd take everything out of the function until you get more experience. Also I'd put the register on one page and login in on another page. Keep playing if you have, if you haven't just play with it, it's really simple if you put the register & login on two pages. Once you see whats happening you can combine them. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.