re directing page using header function
Posted: Thu Feb 19, 2004 4:06 am
helo all. i had my page working fine bt the started to play with it and it stoped working it is a simply login in pag and if your username name and password match the ones in a mysql table it lets you thorogth to the next stage. to get to the next stage i am using the header function but when you get there it says" Cannot modify header information header already sent" can any help me please the code is below;
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>content</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="1dsgn.css" rel="stylesheet" type="text/css">
</head>
<body class="contentBack">
<?php
if (isset($_POST['submit'])) {
define ('DB_USER', 'root');
define ('DB_PASSWORD', '');
define ('DB_HOST', 'localhost');
define ('DB_NAME', 'ecommerce2');
$dbc = @mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) OR die ('Could not connect to MySQL: ' . mysql_error() );
mysql_select_db (DB_NAME) OR die ('Could not select the database: ' . mysql_error() );
function escape_data ($data) {
global $dbc;
if (ini_get('magic_quotes_gpc')) {
$data = stripslashes($data);
}
return mysql_real_escape_string($data, $dbc);
}
$message = NULL;
if (empty($_POST['username'])) {
$u = FALSE;
$message .= '<p>'?>
<span class="text5"> You forgot to enter your username! </span><?php echo'</p>';
} else {
$u = escape_data($_POST['username']);
}
if (empty($_POST['password'])) {
$p = FALSE;
$message .= '<p>'?><span class="text5"> You forgot to enter your password!</span><?php echo'</p>';
} else {
$p = escape_data($_POST['password']);
}
if ($u && $p) {
$query = "SELECT user_id, first_name FROM users WHERE username='$u' AND password=PASSWORD('$p')";
$result = @mysql_query ($query);
$row = mysql_fetch_array ($result, MYSQL_NUM);
if ($row) {
// Set the cookies & redirect.
//setcookie ('first_name', $row[1]);
//setcookie ('user_id', $row[0]);
header ("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/confirm.php");
exit();
} else {
$message = '<p>'?> <span class="text5">The username and password entered
do not match those on file</span>.<?php echo'</p>';
}
mysql_close();
} else {
$message .= '<p>Please try again.</p>';
}
}
// Print the error message if there is one.
if (isset($message)) {
?><span class="text5"> <?php echo'$message, '?></span> <?php ;
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset>
<legend class="headline">Login Screen</legend>
<p><span class="text3">User Name:</span>
<input type="text" name="username" size="10" maxlength="20" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" /></p>
<p><span class="text3">Password: </span>
<input type="password" name="password" size="20" maxlength="20" /></p>
<div align="center"><input type="submit" name="submit" value="Login" /></div>
</form>
</body>
</html>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>content</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="1dsgn.css" rel="stylesheet" type="text/css">
</head>
<body class="contentBack">
<?php
if (isset($_POST['submit'])) {
define ('DB_USER', 'root');
define ('DB_PASSWORD', '');
define ('DB_HOST', 'localhost');
define ('DB_NAME', 'ecommerce2');
$dbc = @mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) OR die ('Could not connect to MySQL: ' . mysql_error() );
mysql_select_db (DB_NAME) OR die ('Could not select the database: ' . mysql_error() );
function escape_data ($data) {
global $dbc;
if (ini_get('magic_quotes_gpc')) {
$data = stripslashes($data);
}
return mysql_real_escape_string($data, $dbc);
}
$message = NULL;
if (empty($_POST['username'])) {
$u = FALSE;
$message .= '<p>'?>
<span class="text5"> You forgot to enter your username! </span><?php echo'</p>';
} else {
$u = escape_data($_POST['username']);
}
if (empty($_POST['password'])) {
$p = FALSE;
$message .= '<p>'?><span class="text5"> You forgot to enter your password!</span><?php echo'</p>';
} else {
$p = escape_data($_POST['password']);
}
if ($u && $p) {
$query = "SELECT user_id, first_name FROM users WHERE username='$u' AND password=PASSWORD('$p')";
$result = @mysql_query ($query);
$row = mysql_fetch_array ($result, MYSQL_NUM);
if ($row) {
// Set the cookies & redirect.
//setcookie ('first_name', $row[1]);
//setcookie ('user_id', $row[0]);
header ("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/confirm.php");
exit();
} else {
$message = '<p>'?> <span class="text5">The username and password entered
do not match those on file</span>.<?php echo'</p>';
}
mysql_close();
} else {
$message .= '<p>Please try again.</p>';
}
}
// Print the error message if there is one.
if (isset($message)) {
?><span class="text5"> <?php echo'$message, '?></span> <?php ;
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset>
<legend class="headline">Login Screen</legend>
<p><span class="text3">User Name:</span>
<input type="text" name="username" size="10" maxlength="20" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" /></p>
<p><span class="text3">Password: </span>
<input type="password" name="password" size="20" maxlength="20" /></p>
<div align="center"><input type="submit" name="submit" value="Login" /></div>
</form>
</body>
</html>