Cookie() Header() problem
Posted: Thu Jan 13, 2005 10:45 pm
Hello,
First post here. I am having trouble with my member login page. I've thrown together some code that shows basically how I'm doing stuff. POST data is put through a couple data checks, and if the user gives good data the data is compared to my database.
What I am having problems with is this. If the POST data matches my database I want to set a cookie, and then redirect the user to the member home page.
When I try to set a cookie or use header() I get the output already started error. The thing is I can't figure out why I'm getting the error. Please look at my code and let me know if you see what I'm doing wrong. Thank you.
First post here. I am having trouble with my member login page. I've thrown together some code that shows basically how I'm doing stuff. POST data is put through a couple data checks, and if the user gives good data the data is compared to my database.
What I am having problems with is this. If the POST data matches my database I want to set a cookie, and then redirect the user to the member home page.
When I try to set a cookie or use header() I get the output already started error. The thing is I can't figure out why I'm getting the error. Please look at my code and let me know if you see what I'm doing wrong. Thank you.
Code: Select all
<?php
if (isset($_POSTї'submitted'])) {
$cv = count($HTTP_POST_VARS);
if ($cv === 3) {
if ($_POSTї'submitted'] === "true") {
$tampered = "false";
if (!isset($_POSTї'username'])) {
$tampered = "true";
}
if (!isset($_POSTї'password'])) {
$tampered = "true";
}
if ($tampered === "false") {
$proceed = "true";
$username = str_replace(" ", "", $_POSTї'username']);
$password = str_replace(" ", "", $_POSTї'password']);
if (empty($username)) {
$proceed = "false";
}
if (empty($password)) {
$proceed = "false";
}
if ((strlen($username) < 3) || (strlen($username) > 15)) {
$proceed = "false";
}
if ((strlen($password) < 8) || (strlen($password) > 12)) {
$proceed = "false";
}
if ($username === $password) {
$proceed = "false";
}
$alphanum_c = "aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ0123456789";
$unlen = strlen($username);
$pwlen = strlen($password);
for ($i=0; $i<$unlen; $i++) {
if (!strstr($alphanum_c, $usernameї$i])) {
$proceed = "false";
}
}
for ($i=0; $i<$pwlen; $i++) {
$len = strlen($password);
if (!strstr($alphanum_c, $passwordї$i])) {
$proceed = "false";
}
}
if ($proceed === "true") {
$go = "true";
} else {
$go = "false";
}
}
}
}
}
class db_ops {
function db_ops() {
$this->db_host = "localhost";
$this->db_user = "user";
$this->db_pw = "password";
$this->db_name = "dbname";
$this->link = mysql_connect($this->db_host, $this->db_user, $this->db_pw);
}
function connect() {
if (!$this->link) {
print "<b>ї-]</b> Could not connect to database server..<br>\n";
}
if (!mysql_select_db($this->db_name)) {
print "<b>ї-]</b> Could not select the $this->db_name database..<br>\n";
}
}
function disconnect() {
if (!mysql_close($this->link)) {
print "<b>ї-]</b> Could not disconnect from database, was connection made?<br>\n";
}
}
function validate($username, $password) {
$this->query = mysql_query("SELECT password FROM members WHERE username = "$username"");
$valid = mysql_fetch_array($this->query);
if ((md5($password) == $validї'0'])) {
/* THIS IS WHERE I'M HAVING PROBLEMS.. */
} else {
print "Credentials Failed Validation..<br>\n";
}
}
}
?>
<html>
<head>
<title>Login</title>
</head>
<body>
<form method="post" action="/login.php">
<input type="textbox" name="username" size="20" maxlength="15">
<input type="password" name="password" size="20" maxlength="12">
<input type="hidden" name="submitted" value="true">
<input type="submit" value="Login">
</form>
<?php
if (isset($go)) {
if ($go === "true") {
$db_op = new db_ops();
$db_op->connect();
$db_op->validate($username, $password);
$db_op->disconnect();
}
}
?>
</body>
</html>