PHP redirect if id is missing

[justin7410]

Trying to create a Redirect using PHP , to first check for a valid ID, if valid id is missing to send back to index.php

 

My first code:

 

 

    if( ! is_numeric($id) )
 {  die('Sorry, you selected an invalid ID'); }

This works perfectly fine and when deleting the id from the URL , the die occurs and i get the correct error message.

 

Now , I am trying to create a redirect after the security measure 

 

The code i entered was the following: 

    if( ! is_numeric($id) ) {
  header("Location: index.php");
  }
 

 

Now this code does not seem to do the trick, since when i go to the URL and delete the id to check if anything happens, the page redirect sends me nowhere.

 

Keep in mind the FIRST CODE is being replaced by the SECOND CODE and they are NOT included together

 

Any thoughts or suggestions ??

 

Thanks

[PaulRyan]

My guess is that firstly, error reporting is not turned on and secondly, that you are outputting content before the redirect.

 

Turn on Error Reporting: (Place at the top of the file)

 

   error_reporting(E_ALL);
   ini_set("display_errors", 1);

 

Check for anything you are displaying, or spaces above the opening PHP tag.

 

Also, you should use exit after the header redirect line, to stop PHP parsing the rest of the file.

[justin7410]

i also added the exit i forgot to mention but thanks for adding that...

 

 

 

    if( ! is_numeric($id) ) {
  header("Location: index.php");
exit();
  }

 

 

for the error reporting 

 

 

 

   error_reporting(E_ALL);
   ini_set("display_errors", 1);
 
 

why is this needed for the header(); to work ?

Edited March 26, 2013 by justin7410

[PaulRyan]

Because that code will show any errors on the page that may be preventing the redirect from executing.

[justin7410]

Ah i see what your saying that makes sense . So there error is reporting now

 

This is my code:

 

 

<?php include('include/init.php'); 
   error_reporting(E_ALL);
   ini_set("display_errors", 1);
   
$id = $_GET['id'];


    $idQuery = mysql_query(
   "SELECT * 
FROM  `content` 
WHERE `id`=$id
LIMIT 0 , 20");




    if(isset($id)){
    $rows = mysql_fetch_assoc($idQuery);
    if (isset($rows['id'])){ 
    extract($rows);
    }
    } 
     if( ! is_numeric($id]) ) {
header("location: index.php"); 
exit; 
  } ?>

 

Now the error i receive after putting in the code you added i display these errors:

  

 

Warning: Cannot modify header information - headers already sent by (output started at /home/justin/public_html/core/database/dbconnect.php:35) in /home/justin/public_html/watch.php on line 21

 

i played around with the position of the header trying to put it after the variable is declared, with no luck .

 

any other suggestions ?

[PaulRyan]

The error is telling you exactly where to look.

 

Line 35 in the file 'dbconnect.php'

[justin7410]

hmm that makes zero sense to me .

 

its calling to look at my dbconnect.php to a line that is not even holding any code.

 

my dbconnect doesnt call to any header , it simply contains the connection to the DB and 2 conditionals simply checking if the DB and and server are connected to .

 

 

 

<?php
// CONNECTION TO DATABASE




$connect =  mysql_connect('localhost','username','pass');
$db = mysql_select_db('db_2_connect', $connect);


if (!$connect)
{
  die('Could not connect to Server: ' . mysql_error());
}


if (!$db)
{
  die('Could not connect to Database: ' . mysql_error());
}


?>
 

 

for the life of me i cant make the connection of how the error calls this page. ??

[PaulRyan]

It probably contains extra space at the bottom of the file. Remove the PHP closing tags from the bottom "?>" then save the changes and retry.

 

The closing tags are not needed in a PHP file, it helps prevent errors like this, where there is a space or a line break at the end of a file that is being included.

[justin7410]

you sir are awesome !

 

rep for you !

 

thanks man