jcstanley Posted February 23, 2007 Share Posted February 23, 2007 Hi I have a page 'president.php' with a submit button. When the submit button is clicked it runs the script 'change_president.php' Once the script has completed is it possible to return the user automatically back to the 'president.php' page? Thanks Quote Link to comment Share on other sites More sharing options...
Gruzin Posted February 23, 2007 Share Posted February 23, 2007 header ('Location: president.php'); Quote Link to comment Share on other sites More sharing options...
jcstanley Posted February 23, 2007 Author Share Posted February 23, 2007 header ('Location: president.php'); doesn't work as it redirects before the code is executed. I tried closing the php ?> after the code and the opening a seperate <?php for the header but i get the error - header already sent. Quote Link to comment Share on other sites More sharing options...
joder Posted February 23, 2007 Share Posted February 23, 2007 Can you show us the code? Quote Link to comment Share on other sites More sharing options...
Jessica Posted February 23, 2007 Share Posted February 23, 2007 Put that at the end of the change_president.php script, but before any output. Quote Link to comment Share on other sites More sharing options...
jcstanley Posted February 23, 2007 Author Share Posted February 23, 2007 Here is the change_president.php code The redirection does work but the code before it is not executed. <?php session_start(); //check session variable if (isset($_SESSION['valid_user'])) { $memid= $_GET['memid']; $dbh=mysql_connect ("localhost", "username", "password") or die ('Database unavailable. Please try again later. ' . mysql_error()); mysql_select_db ("database"); $query = "UPDATE members set president = '0' where memid = $memid"; $result = mysql_query($query, $dbh); mysql_close($dbh); header ('Location: /club/president.php'); } ?> Quote Link to comment Share on other sites More sharing options...
Jessica Posted February 23, 2007 Share Posted February 23, 2007 What makes you think its not executed? The code looks fine. You might want to add the or die() clause after your mysql_query as well. Quote Link to comment Share on other sites More sharing options...
jcstanley Posted February 23, 2007 Author Share Posted February 23, 2007 When go into phpmyadmin and check the president value it is 1 and not 0. This script should set it to 0. That is why i don't think it is executed. Quote Link to comment Share on other sites More sharing options...
monk.e.boy Posted February 23, 2007 Share Posted February 23, 2007 mysql_escape_string() your $_GET Someone will hack the url to have something like http://www.site.com/page.php?memid=3';DROP members; then you'll be shafted. or http://www.site.com/page.php?memid=3' or 1=1 and we'll all be president (I like this better ) monk.e.boy Quote Link to comment Share on other sites More sharing options...
jcstanley Posted February 23, 2007 Author Share Posted February 23, 2007 Good point monk.e.boy Thanks Quote Link to comment Share on other sites More sharing options...
jcstanley Posted February 23, 2007 Author Share Posted February 23, 2007 Problem solved. the memid was not being parsed - for some reason it won't parse if i use a submit button, instead i am using a good old fasioned hyperlink and it all works fine now. Thanks for you help Quote Link to comment Share on other sites More sharing options...
Jessica Posted February 23, 2007 Share Posted February 23, 2007 If you're using a form, you should use method="post" and then use $_POST, not $_GET. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.