[SOLVED] header redirect issue...

[tim_bobo]

Hey guys,

 

I've got a strange problem that I can't seem to debug (even after 3 days of trying).

 

I've managed to isolate it down to a couple things, and I'm wondering if you guys have seen this before.

 

I've got a script (http://www.domain.com/signup.php) that calls itself (registers data in a mysql database, sends an email), and then redirects to another script via header(Location: http://www.domain.com/welcome.php).

 

For some reason, in IE7 it is redirecting to the original script (signup.php).  It works fine in Firefox.

 

There is no php error, even when I exit without the redirect.

 

I managed to isolate it down to one line by commenting out sections of code.  Strangely, this is the line that seems to be causing the error:

Line 347: @mysql_query($query);

 

I've changed the Location, I've included error_reporting(E_ALL) and I've run the query in phpMyAdmin.

 

Any comments/suggestions on this would be greatly appreciated,

Tim

[pocobueno1388]

Could you post your code?

 

Also, why do you have an error suppressor in front of your query? If thats the problem, you want to fix the error, not hide it.

[tim_bobo]

Thanks for the reply.

 

Sure, I'll post the code, just want to ask from some advice before I post.

 

While I comb through lots of support forums for solutions (I'd be lost if you guys didn't do what you do), I have to admit to not posting questions very often (I haven't needed to, which is a testament to the effect sites like this has).

 

Do I just post the code as is?  Am I not disclosing too much info about my site?  What can I edit out?

 

Thanks again for your help guys,

Tim

[pocobueno1388]

Well, obviously you don't want to be giving your login information to anything out from your code...like if you were connecting to the database within the code. If the information isn't important for us to see, just leave it out, otherwise replace the important information with stars...like this:

 

<?php

$db_username = "********";
$db_password = "********";

?>

 

As long as you keep that information hidden, you should be fine. Just use your own judgment, if you think it is giving away information it shouldn't, replace it with different info.

 

I agree, all these coding gurus that help everyone out on this forum are awesome. They have all answered so many questions for me, and I couldn't thank them enough. So now I am just giving back by helping the ones out that I am capable of helping =]

[tim_bobo]

Thanks again for the help.

 

I tried to clean it up as much as possible, without removing too much.

 

<?
session_start();

include('functions/connect.php');

db_connect();

if ($_SESSION['userID']){
	header('Location: ' . $domain . '/loggedin/');
	exit;
}

if ($_GET['e']){
	$_SESSION['email'] = $_GET['e'];

	header('Location: ' . $domain . '/signup/');
	exit;
}

if (count($_POST) > 0){
	if(isset($_POST['firstname'])) $_SESSION['firstname'] = $_POST['firstname']; else $_SESSION['firstname'] = false;
	if(isset($_POST['lastname'])) $_SESSION['lastname'] = $_POST['lastname']; else $_SESSION['lastname'] = false;
	if(isset($_POST['email'])) $_SESSION['email'] = $_POST['email']; else $_SESSION['email'] = false;
	if(isset($_POST['username'])) $_SESSION['username'] = $_POST['username']; else $_SESSION['username'] = false;
	if(isset($_POST['password'])) $_SESSION['password'] = $_POST['password']; else $_SESSION['password'] = false;
	if(isset($_POST['confirm'])) $_SESSION['confirm'] = $_POST['confirm']; else $_SESSION['confirm'] = false;
	if(isset($_POST['terms'])) $_SESSION['terms'] = $_POST['terms']; else $_SESSION['terms'] = false;
}

if ($_SESSION['terms'] == 'decline'){
	session_destroy();
	header('Location: ' . $domain);
	exit;
}

if ($_SESSION['terms'] == 'accept'){
	if(isset($_SESSION['firstname'])) $firstname = $_SESSION['firstname']; else $firstname = '';
	if(isset($_SESSION['lastname'])) $lastname = $_SESSION['lastname']; else $lastname = '';
	if(isset($_SESSION['email'])) $email = $_SESSION['email']; else $email = '';
	if(isset($_SESSION['username'])) $username = $_SESSION['username']; else $username = '';
	if(isset($_SESSION['password'])) $password = $_SESSION['password']; else $password = '';
	if(isset($_SESSION['confirm'])) $confirm = $_SESSION['confirm']; else $confirm = '';

	$all_data = true;
	if ($usertype == ""){
		$_SESSION['error_prompt'][] = get_prompt(108);
		$all_data = false;
	}
	if ($firstname == ""){
		$_SESSION['error_prompt'][] = get_prompt(106);
		$all_data = false;
	}
	if ($lastname == ""){
		$_SESSION['error_prompt'][] = get_prompt(107);
		$all_data = false;
	}
	if (strtolower($username) == "sitename"){
		$_SESSION['error_prompt'][] = get_prompt(14);
		$all_data = false;
	}
	else if ($username == ""){
		$_SESSION['error_prompt'][] = get_prompt(15);
		$all_data = false;
	}
	else {
		for ($i = 0; $i < strlen($username); $i++){
			$char = substr($username, $i, 1);
			if (!preg_match('/[A-Za-z0-9_-]/', $char)){
				if ($char == ' '){
					$_SESSION['error_prompt'][] = get_prompt(16);
				}
				else {
					$_SESSION['error_prompt'][] = get_prompt(17, $char, 'S');
				}
				$all_data = false;
			}
		}
		$query = "SELECT * FROM tablename WHERE username='$username'";
		$tbCheck_username = @mysql_query($query);
		if (@mysql_fetch_row($tbCheck_username) > 0){
			$_SESSION['error_prompt'][] = get_prompt(168, $username, 'S');
			$all_data = false;
		}
	}
	if ($password != $confirm){
		$_SESSION['error_prompt'][] = get_prompt(169);
		$all_data = false;
	}
	if ($password == ""){
		$_SESSION['error_prompt'][] = get_prompt(170);
		$all_data = false;
	}
	else {
		if (strlen($password) < 4){
			$_SESSION['error_prompt'][] = get_prompt(21);
			$all_data = false;
		}
		else {
			for ($i = 0; $i < strlen($password); $i++){
				$char = substr($password, $i, 1);
				if (!preg_match('/[A-Za-z0-9_-]/', $char)){
					if ($char == ' '){
						$_SESSION['error_prompt'][] = get_prompt(171);
					}
					else {
						$_SESSION['error_prompt'][] = get_prompt(172, $char, 'S');
					}
					$all_data = false;
				}
			}
		}
	}
	if ($email == ""){
		$_SESSION['error_prompt'][] = get_prompt(173);
		$all_data = false;
	}
	if ($email != ""){
		$have_at = 'false';
		$have_dot = 'false';
		for ($i = 0; $i < strlen($email); $i++){
			$char = substr($email, $i, 1);
			if (!preg_match('/[[email protected]]/', $char)){
				if ($char == ' '){
					$_SESSION['error_prompt'][] = get_prompt(25);
				}
				else {
					$_SESSION['error_prompt'][] = get_prompt(26, $char, 'E');
				}
				$all_data = false;
			}
			if ($char == '.' AND $have_at == 'true'){
				$have_dot = 'true';
			}
			else if ($char == '@'){
				$have_at = 'true';
			}
		}
		if ($have_at == 'false' OR $have_dot == 'false'){
			$_SESSION['error_prompt'][] = get_prompt(27);
			$all_data = false;
		}
		$query = "SELECT * FROM tablename WHERE email='$email'";
		$tbCheck_email = @mysql_query($query);
		if (@mysql_num_rows($tbCheck_email) > 0){
			$_SESSION['error_prompt'][] = get_prompt(174, $email, 'S');
			$all_data = false;
		}
	}
	if ($all_data) {
		$registered = time();

		$hashed_password = @md5($password);

		$query = "INSERT INTO tablename (username, password, firstname, lastname, email, signup) VALUES ('$username', '$hashed_password', '$firstname', '$lastname', '$email', '$registered')";
/* This is the line the seems to be effecting the header re-direct
		@mysql_query($query);
*/
		$userID = @mysql_insert_ID();

		$headers = "From: sitename <[email protected]>";
		$mailSubject = "Your new sitename account";
		$mailMessage = "$firstname $lastname,\n\nUsername: $username\nPassword: $password\n\n";
		@mail($email, $mailSubject, $mailMessage, $headers);

		unset($_SESSION['firstname']);
		unset($_SESSION['lastname']);
		unset($_SESSION['username']);
		unset($_SESSION['password']);
		unset($_SESSION['confirm']);

		unset($_SESSION['terms']);

		unset($_SESSION['error_prompt']);
		header('Location: ' . $domain . '/welcome/');
		exit;
	}
	else {
		unset($_SESSION['terms']);

		header('Location: ' . $domain . '/signup/');
		exit;
	}
}

print '<form name="signup" action="' . $domain . '/signup/" method="post">';
print '<table class="signup_form" cellspacing="0">';
print '<tr>';
print '<td class="col1">First Name</td>';
print '<td class="col2"><input type="text" name="firstname" value="' . $firstname . '" maxlength="40" /></td>';
print '</tr>';
print '<tr>';
print '<td class="col1">Last Name</td>';
print '<td class="col2"><input type="text" name="lastname" value="' . $lastname . '" maxlength="40" /></td>';
print '</tr>';
print '<tr>';
print '<td class="col1">Username</td>';
print '<td class="col2"><input type="text" name="username" value="' . $username . '" maxlength="10" /></td>';
print '</tr>';
print '<tr>';
print '<td class="col1">Password</td>';
print '<td class="col2"><input type="password" name="password" maxlength="10" /></td>';
print '</tr>';
print '<tr>';
print '<td class="col1">Re-Enter Password</td>';
print '<td class="col2"><input type="password" name="confirm" maxlength="10" /></td>';
print '</tr>';
print '<tr>';
print '<td class="col1">Email Address</td>';
print '<td class="col2"><input type="text" name="email" value="' . $email . '" maxlength="40" /></td>';
print '</tr>';
print '<tr>';
print '<td class="legal" colspan="2" align="center">';
print 'I have read, understand and';
print '<div>';
print '<label><input type="radio" name="terms" value="accept" />I Accept</label>';
print '<label><input type="radio" name="terms" value="decline" />I do not Accept</label>';
print '</div>';
print '<a href="' . $domain . '/terms/" target="_blank">the Terms & Conditions of Use</a>';
print '</td>';
print '</tr>';
print '<tr>';
print '<td class="legal" colspan="2" align="center">';
print '<input type="submit" value="Sign Up" />';
print '</td>';
print '</tr>';
print '</table>';
print '</form>';



?>

[pocobueno1388]

From looking at it, it's pretty hard to diagnose the problem as there is so much code...but I don't think the line you think is effecting the header really is...I don't see how that could interfere.

 

That is strange that it works fine in one browser, then does something different in the other.

 

Hopefully someone else can come along and figure it out, I don't see anything that jumps up at me that I think could be the problem.

[tim_bobo]

pocobueno1388,

 

Thanks for your help getting me started.

 

Yeah, it's weird error.  I'm not getting any php or mysql error messages.  I built a session variable to track the script execution.  With all the correct data, it creates the user, sends the email and calls itself again.  At which point, it returns as all_data = false, because the user is already registered and calls itself again.  So it actually calls itself twice in quick succession.

 

It's equally strange that this code work in firefox2, but not IE7....even though it seems to be a server side thing.

 

Thanks for any help you guys can provide,

Tim

[tim_bobo]

More information.

 

I decided to test this on my live server....and it worked as expected in both IE7 and Firefox.  So the issue seems to be on my localhost using IE7.

 

Strange....could this be a cache issue?

 

Thanks for any comments/suggestions you guys may have,

Tim

[tim_bobo]

Hey guys,

 

I solved my problem, and while it's not a php issue, I thought I'd post the solution.

 

It turns out it was a javascript error.  In addition to submitting the form with a submit button, I was calling a javascript function with onsubmit, that, amoung other things, was also submitting the form.  So the form was actually being submitted twice.

 

Here's an example off the code:

<script>
function doSignup() {
document.signup.firstname.value = escape(document.signup.firstname_input.value);
document.signup.lastname.value = escape(document.signup.lastname_input.value);
document.signup.submit();
}
</script>

<form name="signup" action="this.php" method="post" onsubmit="return doConfirm();">
<input type="text" name="firstname_input" />
<input type="text" name="lastname_input" />
<input type="submit" value="Sign Up" />
</form>

 

Hope this is helpful,

Tim