Cookie() Header() problem

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
crc
Forum Newbie
Posts: 5
Joined: Thu Jan 13, 2005 10:31 pm

Cookie() Header() problem

Post by crc »

Hello,

First post here. I am having trouble with my member login page. I've thrown together some code that shows basically how I'm doing stuff. POST data is put through a couple data checks, and if the user gives good data the data is compared to my database.

What I am having problems with is this. If the POST data matches my database I want to set a cookie, and then redirect the user to the member home page.

When I try to set a cookie or use header() I get the output already started error. The thing is I can't figure out why I'm getting the error. Please look at my code and let me know if you see what I'm doing wrong. Thank you.

Code: Select all

<?php

if (isset($_POST&#1111;'submitted'])) &#123;
	$cv = count($HTTP_POST_VARS);
	if ($cv === 3) &#123;
		if ($_POST&#1111;'submitted'] === "true") &#123;
			$tampered = "false";
			if (!isset($_POST&#1111;'username'])) &#123;
				$tampered = "true";
			&#125;
			if (!isset($_POST&#1111;'password'])) &#123;
				$tampered = "true";
			&#125;
			if ($tampered === "false") &#123;
				$proceed = "true";
				$username = str_replace(" ", "", $_POST&#1111;'username']);
				$password = str_replace(" ", "", $_POST&#1111;'password']);
				if (empty($username)) &#123;
					$proceed = "false";
				&#125;
				if (empty($password)) &#123;
					$proceed = "false";
				&#125;
				if ((strlen($username) < 3) || (strlen($username) > 15)) &#123;
					$proceed = "false";
				&#125;
				if ((strlen($password) < 8) || (strlen($password) > 12)) &#123;
					$proceed = "false";
				&#125;
				if ($username === $password) &#123;
					$proceed = "false";
				&#125;
				$alphanum_c = "aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ0123456789";
				$unlen = strlen($username);
				$pwlen = strlen($password);
				for ($i=0; $i<$unlen; $i++) &#123;
					if (!strstr($alphanum_c, $username&#1111;$i])) &#123;
						$proceed = "false";
					&#125;
				&#125;
				for ($i=0; $i<$pwlen; $i++) &#123;
					$len = strlen($password);
					if (!strstr($alphanum_c, $password&#1111;$i])) &#123;
						$proceed = "false";
					&#125;
				&#125;
				if ($proceed === "true") &#123;
					$go = "true";
				&#125; else &#123;
					$go = "false";
				&#125;
			&#125;
		&#125;
	&#125;
&#125;

class db_ops &#123;
	function db_ops() &#123;
		$this->db_host = "localhost";
		$this->db_user = "user";
		$this->db_pw   = "password";
		$this->db_name = "dbname";
		$this->link = mysql_connect($this->db_host, $this->db_user, $this->db_pw);
	&#125;

	function connect() &#123;
		if (!$this->link) &#123; 
			print "<b>&#1111;-]</b> Could not connect to database server..<br>\n";
		&#125;
		if (!mysql_select_db($this->db_name)) &#123;
			print "<b>&#1111;-]</b> Could not select the $this->db_name database..<br>\n";
		&#125;
	&#125;

	function disconnect() &#123;
		if (!mysql_close($this->link)) &#123;
			print "<b>&#1111;-]</b> Could not disconnect from database, was connection made?<br>\n";
		&#125;
	&#125;

	function validate($username, $password) &#123;
		$this->query = mysql_query("SELECT password FROM members WHERE username = "$username"");
		$valid = mysql_fetch_array($this->query);
		if ((md5($password) == $valid&#1111;'0'])) &#123;

			/* THIS IS WHERE I'M HAVING PROBLEMS.. */

		&#125; else &#123;
			print "Credentials Failed Validation..<br>\n";
		&#125;
	&#125;
&#125;

?>
<html>
<head>
<title>Login</title>
</head>
<body>
<form method="post" action="/login.php">
<input type="textbox" name="username" size="20" maxlength="15">
<input type="password" name="password" size="20" maxlength="12">
<input type="hidden" name="submitted" value="true">
<input type="submit" value="Login">
</form>
<?php
if (isset($go)) &#123;
	if ($go === "true") &#123;
		$db_op = new db_ops();
		$db_op->connect();
		$db_op->validate($username, $password);
		$db_op->disconnect();
	&#125;
&#125;
?>
</body>
</html>
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

I don't see where you set a cookie or call header anywhere in this code. :?
rehfeld
Forum Regular
Posts: 741
Joined: Mon Oct 18, 2004 8:14 pm

Post by rehfeld »

looks like he had it in there but replaced it w/ this:

Code: Select all

/* THIS IS WHERE I'M HAVING PROBLEMS.. */

crc-

about the header problems:
viewtopic.php?t=1157


also, where you use a for() loop to make sure the username and password is only letters or numbers,
there is a function for that. ctype_alnum()

you also might wanna change this
$cv = count($HTTP_POST_VARS);
to this
$cv = count($_POST);
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

:? serves me right, I guess, for not being able to read the stupid code "highlight".. I miss my php tags.. :(

The tutorial is the thing to read for sure.


for the quick answer, the html output before the function in the class is called is the culprit.
crc
Forum Newbie
Posts: 5
Joined: Thu Jan 13, 2005 10:31 pm

Post by crc »

Thank you both very much. I'm all set now :D

, crc
rehfeld
Forum Regular
Posts: 741
Joined: Mon Oct 18, 2004 8:14 pm

Post by rehfeld »

feyd wrote:I miss my php tags.. :(

then get on it and put your regex skills to work!

we all miss those tags too! :)
Post Reply