Page 1 of 1

PHP in Windows: Header, Setcookie, w/ Login Form

Posted: Fri Aug 26, 2005 2:28 pm
by cfytable
I've been reading a fair amount about the issue of not being able to set a cookie after header information has already been sent in Windows, but I'm not finding a good explanation as to how to structure code based on this concept. I am putting together a simple login form, where, if the username/password combo matches against a database table, it creates a cookie and sends the user to a secure page. I want to cut down on the number of .php pages and keep the code well-organized, but I keep running into the header issue. Can somebody explain how I would modify the code below to not encounter these header issues?

Code: Select all

//BEGIN PHP FILE

<? function ShowLoginForm() { ?>
       // STANDARD HTML FORM FIELDS FOR USERNAME,PASSWORD, SUBMIT BUTTON
<? } ?>

	<HTML>
		<HEAD>
		</HEAD>

		<BODY>

		<? 
			if ($_SERVER['REQUEST_METHOD'] != 'POST') { 
				ShowLoginForm(); 
			} else { 

				if (USERNAME AND PASSWORD MATCH BASED ON AUTH FUNCTION) { 

                                                                       *** 
                                                                             Here is where I am unclear on what I need to do; Since the user has passed the test here, 
                                                                              I want to set the cookie and redirect them to the secure page. The below does not work.         *****
					setcookie("loggedin", $username, time()+28800, "/") or die("Could not set cookie");
					header("Location:home.php");
				} else {
					echo "Username/Password Do Not Match";
					ShowLoginForm();
				}

			} 

		?>

	</BODY>

</HTML>


feyd | Please use

Code: Select all

and

Code: Select all

tags where approriate when posting code. Read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]

Posted: Fri Aug 26, 2005 2:50 pm
by feyd
viewtopic.php?t=1157

I should keep a count of how many times I've responded with that... :)

Posted: Fri Aug 26, 2005 5:18 pm
by s.dot
I was guilty of this myself in the beginning, but I wonder why it is that a lot of people think they can send a header in the middle of a page.

Posted: Fri Aug 26, 2005 6:47 pm
by John Cartwright
scrotaye wrote:I was guilty of this myself in the beginning, but I wonder why it is that a lot of people think they can send a header in the middle of a page.
Why can't you

Posted: Fri Aug 26, 2005 7:19 pm
by Ambush Commander
I was guilty of this myself in the beginning, but I wonder why it is that a lot of people think they can send a header in the middle of a page.
Ignorance, I guess. They don't know what header means, just that it's some thing that does black magic.

Explanation

Posted: Sun Aug 28, 2005 8:56 pm
by cfytable
As a way of explanation, I think that I, as an ASP guy, naturally look for the equivalent of Response.Redirect, and, unless I'm missing something, header() seems the closest thing in PHP, but, since the latter deals with header information of documents, it really is a totally different thing altogether, but that may be why people end up in this situation like me.

Posted: Sun Aug 28, 2005 9:18 pm
by Chris Corbyn
Did that topic feyd posted get you sorted? The few options are:

1. Use Output Buffering
2. Rethink the design completely
3. Use JavaScript to set the cookie

Posted: Tue Aug 30, 2005 10:21 am
by cfytable
I did get it working using ob_start() . I appreciate your help--that was a great overview.

Posted: Tue Aug 30, 2005 2:48 pm
by feyd
ob_start() = band-aid. ;)