Page 1 of 1

header working in dev, not production - UPDATED

Posted: Thu Jun 10, 2010 3:11 pm
by esthermstrom
UPDATE
OK, I've done some further testing, and it appears that it ISN'T happening on every form. For example, my login form redirects correctly. In this case, the user enters a username and password, and the code does a select from the database and then redirects. It appears that it's only refusing to redirect when I'm trying to post data to the database. I've had error_reporting(E_ALL) set on all my files, but they weren't displaying any errors. However, I just went out to the server and looked at the error logs the host company maintains, and lo and behold, they've all been throwing the error about not being able to modify headers because headers were already sent. I'm assuming the code that posts to the database is setting some kind of header. I did a bit more research and found that if I surround the code in question with ob_start() and ob_flush(), everything works correctly. Thanks for all your responses, though.


===========================================

I have a form that submits to itself. After reading field values from the database, it should redirect the user to a different page. This works perfectly on my dev box, but on my host (powweb.com) the redirect doesn't work - it just reloads the blank form (the post to database code does work.) I'm not terribly familiar with PHP installs. Is there any reason this function wouldn't work on powweb? Is there something glaringly wrong with my code, or could their install be set up differently to not allow it?

Note that this is the case on ALL my forms, whether they're reading from or writing to the database. Any time I call the header function and try to pass a new location, it just reloads the existing page.

Note that PCBUG_HOMEPATH is set in the required appvars.php file, as define('PCBUG_HOMEPATH', 'http://www.myDomainName.org/');

Here's the basic code:

Code: Select all

<?php 
require_once("connectvars.php"); 
require_once("appvars.php");

$homePath = PCBUG_HOMEPATH;

if (!isset($_COOKIE['user_id'])) {
	if (isset($_POST['submit'])) {
		//connect to db
		$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) or die ( "Can't connect to the MySQL Server/Database: " . mysqli_connect_error() );
		
		//get user-entered data
		$user_username = mysqli_real_escape_string($dbc, trim($_POST['username']));
		$user_password = mysqli_real_escape_string($dbc, trim($_POST['password']));
		
		if (!empty($user_username) && !empty($user_password)) {
			//look up info in db
			$query="SELECT user_id, username, first_name, last_name, user_level FROM pcbug_users WHERE username='$user_username' and password = SHA('$user_password')";
			$data = mysqli_query($dbc, $query);
			
			if (mysqli_num_rows($data) == 1) {
				//login is ok; set cookies and redirect to home
				$row = mysqli_fetch_array($data);
				setcookie('user_id', $row['user_id']);
				setcookie('username', $row['username']);
				setcookie('userlevel', $row['user_level']);
				setcookie('fullname', $row['first_name'] . " " . $row['last_name']);

				$home_url = $homePath.'index.php'; 
				mysqli_close($dbc);
				header('Location: ' . $home_url);
			}//close user test
			else {
				//login is not correct, set error message
				$error_msg = 'Sorry, you must enter a valid username and password to log in.';
			}//close else
		}//close empty test	
		else {
			//username/password aren't entered, set error
			$error_msg = 'Sorry, you must enter your username and password to log in.';
		}//close empty else
	}//close submit check
}//close user id check

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>pcbug - log in</title>
</head>
<body>

<?php 
//if cookie is empty, show error message and login form; otherwise confirm login
	if (empty($_COOKIE['user_id'])) {
		echo '<div class="error">' . $error_msg . '</div>';
	}
?>

<form action="loginForm.php" method="post">

<fieldset>
<legend>Log In</legend>
<label>Username</label>
<input name="username" type="text" size="32" maxlength="64"/><br />

<label>Password</label>
<input name="password" type="password" size="32" /><br />

<input type="submit" value="Log In" name="submit"/>
</fieldset>
</form>
</body>
</html>

Re: header working in dev, not production

Posted: Thu Jun 10, 2010 4:11 pm
by AbraCadaver
I'm not sure but you need an exit; after the header() call. Maybe that will at least help you debug.

Re: header working in dev, not production

Posted: Thu Jun 10, 2010 4:16 pm
by Benjamin
I don't see where $home_url is set.

To debug this, simply echo the redirect location instead of redirecting;

Code: Select all

echo "Redirecting to: " . 'Location: ' . $home_url;
exit();
header('Location: ' . $home_url);

Re: header working in dev, not production

Posted: Thu Jun 10, 2010 4:20 pm
by cpetercarter
I don't know why your test server and your production server behave differently. It may be that the production server first sends the 'location' header, and then continues to execute the rest of your script, which of course displays your form.
Try adding

Code: Select all

die();
immediately after

Code: Select all

header('Location: ' . $home_url);

Re: header working in dev, not production

Posted: Thu Jun 10, 2010 4:46 pm
by esthermstrom
Benjamin wrote:I don't see where $home_url is set.

To debug this, simply echo the redirect location instead of redirecting;

Code: Select all

echo "Redirecting to: " . 'Location: ' . $home_url;
exit();
header('Location: ' . $home_url);
$home_url is set in here:

Code: Select all

if (mysqli_num_rows($data) == 1) {
                                //login is ok; set cookies and redirect to home
                                $row = mysqli_fetch_array($data);
                                setcookie('user_id', $row['user_id']);
                                setcookie('username', $row['username']);
                                setcookie('userlevel', $row['user_level']);
                                setcookie('fullname', $row['first_name'] . " " . $row['last_name']);

                                $home_url = $homePath.'index.php';
                                mysqli_close($dbc);
                                header('Location: ' . $home_url);
                        }//close user test
And I've tried echoing the value of it - it is evaluating the URL correctly; it just won't actually redirect to it.

Re: header working in dev, not production

Posted: Thu Jun 10, 2010 4:49 pm
by esthermstrom
AbraCadaver wrote:I'm not sure but you need an exit; after the header() call. Maybe that will at least help you debug.
I just tried that, and it reloads the existing URL (the form that was just submitted) but dies before actually rendering the page.

Re: header working in dev, not production

Posted: Thu Jun 10, 2010 4:53 pm
by esthermstrom
cpetercarter wrote:I don't know why your test server and your production server behave differently. It may be that the production server first sends the 'location' header, and then continues to execute the rest of your script, which of course displays your form.
Try adding

Code: Select all

die();
immediately after

Code: Select all

header('Location: ' . $home_url);
Just tried; does the same thing exit does: it reloads the existing URL (the form that was just submitted) but dies before actually rendering the page.

Re: header working in dev, not production

Posted: Thu Jun 10, 2010 4:57 pm
by Benjamin
What exactly is the value of $home_url?

Re: header working in dev, not production - UPDATED

Posted: Thu Jun 10, 2010 5:13 pm
by John Cartwright
Please use the REPLY button instead of adding information to your original post.