re directing page using header function

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Trevor_needs_help
Forum Newbie
Posts: 20
Joined: Thu Jan 29, 2004 8:13 am

re directing page using header function

Post by Trevor_needs_help »

helo all. i had my page working fine bt the started to play with it and it stoped working it is a simply login in pag and if your username name and password match the ones in a mysql table it lets you thorogth to the next stage. to get to the next stage i am using the header function but when you get there it says" Cannot modify header information header already sent" can any help me please the code is below;

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>content</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="1dsgn.css" rel="stylesheet" type="text/css">
</head>
<body class="contentBack">
<?php

if (isset($_POST['submit'])) {

define ('DB_USER', 'root');
define ('DB_PASSWORD', '');
define ('DB_HOST', 'localhost');
define ('DB_NAME', 'ecommerce2');

$dbc = @mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) OR die ('Could not connect to MySQL: ' . mysql_error() );
mysql_select_db (DB_NAME) OR die ('Could not select the database: ' . mysql_error() );


function escape_data ($data) {
global $dbc;
if (ini_get('magic_quotes_gpc')) {
$data = stripslashes($data);
}
return mysql_real_escape_string($data, $dbc);
}

$message = NULL;


if (empty($_POST['username'])) {
$u = FALSE;
$message .= '<p>'?>
<span class="text5"> You forgot to enter your username! </span><?php echo'</p>';
} else {
$u = escape_data($_POST['username']);
}


if (empty($_POST['password'])) {
$p = FALSE;
$message .= '<p>'?><span class="text5"> You forgot to enter your password!</span><?php echo'</p>';
} else {
$p = escape_data($_POST['password']);
}

if ($u && $p) {


$query = "SELECT user_id, first_name FROM users WHERE username='$u' AND password=PASSWORD('$p')";
$result = @mysql_query ($query);
$row = mysql_fetch_array ($result, MYSQL_NUM);

if ($row) {

// Set the cookies & redirect.
//setcookie ('first_name', $row[1]);
//setcookie ('user_id', $row[0]);
header ("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/confirm.php");

exit();

} else {
$message = '<p>'?> <span class="text5">The username and password entered
do not match those on file</span>.<?php echo'</p>';
}

mysql_close();

} else {
$message .= '<p>Please try again.</p>';
}

}


// Print the error message if there is one.
if (isset($message)) {
?><span class="text5"> <?php echo'$message, '?></span> <?php ;
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset>
<legend class="headline">Login Screen</legend>

<p><span class="text3">User Name:</span>
<input type="text" name="username" size="10" maxlength="20" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" /></p>

<p><span class="text3">Password: </span>
<input type="password" name="password" size="20" maxlength="20" /></p>

<div align="center"><input type="submit" name="submit" value="Login" /></div>

</form>

</body>
</html>
User avatar
Dr Evil
Forum Contributor
Posts: 184
Joined: Wed Jan 14, 2004 9:56 am
Location: Switzerland

Post by Dr Evil »

You can not send a header after you sent the page content! Check out these posts:

viewtopic.php?t=18207
and
viewtopic.php?t=17867
Trevor_needs_help
Forum Newbie
Posts: 20
Joined: Thu Jan 29, 2004 8:13 am

Post by Trevor_needs_help »

i have read these two and under stand that header infomation must be sent beofre anything else but the page works fine with out the following tags;
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>content</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="1dsgn.css" rel="stylesheet" type="text/css">
</head>
<body class="contentBack">

but i need these tags to get CSS to work correctly with the page but these tags cause the error. is there any way around this problem.
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

You just need to re-arrange your logic. You need to check to see if the user needs redirecting before any of the HTML is outputted. A bit of reorganising of your code is required.

Mark
User avatar
Dr Evil
Forum Contributor
Posts: 184
Joined: Wed Jan 14, 2004 9:56 am
Location: Switzerland

Post by Dr Evil »

You'll have to reorder your page. The theory is:

1) if posts exist: test them and redirect or set error_message
2) if no posts show form (HTML)
3) if posts but error show form with error_message (HTML)

I can look more precisely at your code, but you'll get the idea faster if you do it yourself. Tell me.

(Hint: Try to keep the DB connection info out of the page)

[EDIT: Bech100 beat me on that post !!]
Trevor_needs_help
Forum Newbie
Posts: 20
Joined: Thu Jan 29, 2004 8:13 am

Post by Trevor_needs_help »

the users needs to enter a username and password to get re-directed. so how can i redirect them when the hander information must be declaired before anything else is done?
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

pseudo code

Code: Select all

if ($form_has_been_submitted) {
    // Query the database
   if ($user_exists) {
        //redirect user
    } else {
        print $error_message;
    }
} else { // Form hasn't been submitted
    // Output all the HTML and login form
}
Mark
User avatar
Pointybeard
Forum Commoner
Posts: 71
Joined: Wed Sep 03, 2003 7:23 pm
Location: Brisbane, AUS
Contact:

Post by Pointybeard »

1. User enters username & pass and submits the form. Form submit loads the same page again.

Code: Select all

&lt;form action="&lt;?= $_SERVER&#1111;php_self] ?&gt;" method="post"&gt; ...
2. Top of the page, before display stuff and before any whitespace, put code to check if the login form was submitted and if so, process it.

Code: Select all

<?php
if(isset($_POST[submit_button])){
  if(Pass word is good){
    header("location: URL");
  }else{
    $err = "Bad login details";
  }
}
?>
If the info is correct, redirect the page. Otherwise continue on loading the current page (Login) Put some error message stuff in or somthing

That what you want?

-PB

?>
Trevor_needs_help
Forum Newbie
Posts: 20
Joined: Thu Jan 29, 2004 8:13 am

Post by Trevor_needs_help »

i am still getting the same problem. when i use the following code everything works fine
<?php

if (isset($_POST['submit'])) { // Handle the form.

//require_once ('../mysql_connect.php'); // Connect to the db.
define ('DB_USER', 'root');
define ('DB_PASSWORD', '');
define ('DB_HOST', 'localhost');
define ('DB_NAME', 'ecommerce2');

// Make the connnection and then select the database.
$dbc = @mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) OR die ('Could not connect to MySQL: ' . mysql_error() );
mysql_select_db (DB_NAME) OR die ('Could not select the database: ' . mysql_error() );

// Create a function for escaping the data.
function escape_data ($data) {
global $dbc; // Need the connection.
if (ini_get('magic_quotes_gpc')) {
$data = stripslashes($data);
}
return mysql_real_escape_string($data, $dbc);
} // End of function.

$message = NULL; // Create an empty new variable.

// Check for a username.
if (empty($_POST['username'])) {
$u = FALSE;
$message .= '<p>You forgot to enter your username!</p>';
} else {
$u = escape_data($_POST['username']);
}

// Check for a password.
if (empty($_POST['password'])) {
$p = FALSE;
$message .= '<p>You forgot to enter your password!</p>';
} else {
$p = escape_data($_POST['password']);
}

if ($u && $p) { // If everything's OK.

// Retrieve the user_id and first_name for that username/password combination.
$query = "SELECT user_id, first_name FROM users WHERE username='$u' AND password=PASSWORD('$p')";
$result = @mysql_query ($query); // Run the query.
$row = mysql_fetch_array ($result, MYSQL_NUM); // Return a record, if applicable.

if ($row) { // A record was pulled from the database.

// Set the cookies & redirect.
//setcookie ('first_name', $row[1]);
//setcookie ('user_id', $row[0]);
header ("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/confirm.php");
exit(); // Quit the script.

} else { // No record matched the query.
$message = '<p>The username and password entered do not match those on file.</p>';
}

mysql_close(); // Close the database connection.

} else {
$message .= '<p>Please try again.</p>';
}

} // End of the main Submit conditional.

// Set the page title and include the HTML header.
$page_title = 'Login';
//include ('templates/header.inc');

// Print the error message if there is one.
if (isset($message)) {
echo '<font color="red">', $message, '</font>';
}
?>

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset><legend>Enter your information in the form below:</legend>

<p><b>User Name:</b> <input type="text" name="username" size="10" maxlength="20" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" /></p>

<p><b>Password:</b> <input type="password" name="password" size="20" maxlength="20" /></p>

<div align="center"><input type="submit" name="submit" value="Login" /></div>

</form><!-- End of Form -->

<?php
//include ('templates/footer.inc'); // Include the HTML footer.
?>

but i need to add in the following information

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>content</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="1dsgn.css" rel="stylesheet" type="text/css">
</head>

<body class="contentBack">


</body>
</html>

so i can use CSS
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

if you did what me and Pointybeard said, it would work. you haven't reorganized your code from what i can see.

Do you actually understand why it works when you take that HTML out. If you did, i think you would be able to rectify the problem easily.

Mark
Post Reply