Page 1 of 1
header redirection not working!
Posted: Sun Dec 25, 2005 6:56 am
by s.dot
I know the whole deal about header("Location: xxx");
I don't have any white space before my opening tag.
Nothing is printed to the browser.
My other redirects work, just not this one!
I used Feyd's SHA256 in this, but I highly doubt that is the problem.
Code: Select all
/* SHA256 hash the input password */
require_once 'includes/hash_sha256.php';
$hashedpass = SHA256::hash($modelpassword,'hex');
/* check that the hashed password matches the password in the database for this model id */
$correct_password_result = mysql_query("SELECT count(*) FROM users WHERE id = '$modelid' AND password = '$hashedpass'") or die(mysql_error());
if(mysql_result($correct_password_result,0) < 1)
{
/* password did not match, redirect to error message */
header("Location: index.php?error=2");
die();
}
Now, if I echo the $hashedpass, it shows up correctly.
If I echo inside of the if() it shows up.
and if I die("incorrect") that shows up.
It's just the header location line that's not working!
Posted: Sun Dec 25, 2005 7:27 am
by m3mn0n
What's the exact error message?
Can you post the contents of that include?
Posted: Sun Dec 25, 2005 7:31 am
by s.dot
meh, it would help if I knew the error message

I have display_errors off
and I'm a newb on my server and cannot access the error logs with ease
I tried ini_set("display_errors","on") but that did not seem to work
here's the entire file in question
Code: Select all
<?php
/* start session */
session_start();
/*
* This page is the worker page that will perform (mostly) all
* form actions for the model manager website. This page will
* perform the actions then redirect to the previous page and
* display either an error message or success message. This
* page is used separately to prevent people from reposting the
* same data twice
*/
/* include the database connection */
require 'includes/db_connect.php';
/* the user is logging in from index.php */
if($_POST['action'] == "model_login")
{
/* check to see that both form fields were filled in */
if(!$_POST['modelid'] || !$_POST['modelpassword'])
{
/* both fields were not filled in, redirect to error message */
header("Location: index.php?error=3");
die();
}
/* purify field input */
$modelid = mysql_real_escape_string($_POST['modelid']);
$modelpassword = mysql_real_escape_string($_POST['modelpassword']);
/* query database for model id existance */
$model_existance_result = mysql_query("SELECT count(*) FROM users WHERE id = '$modelid'") or die(mysql_error());
/* check the result */
if(mysql_result($model_existance_result,0) < 1)
{
/* model is not found, redirect to error message */
header("Location: index.php?error=1");
die();
}
mysql_free_result($model_existance_result);
/* SHA256 hash the input password */
require_once 'includes/hash_sha256.php';
$hashedpass = SHA256::hash($modelpassword,'hex');
/* check that the hashed password matches the password in the database for this model id */
$correct_password_result = mysql_query("SELECT count(*) FROM users WHERE id = '$modelid' AND password = '$hashedpass'") or die(mysql_error());
if(mysql_result($correct_password_result,0) < 1)
{
/* password did not match, redirect to error message */
header("Location: index.php");
die();
}
mysql_free_result($correct_password_result);
/* everything is good, declare users session modelid, and redirect to myaccount.php */
$_SESSION['modelid'] = $modelid;
header("Location: myaccount.php");
}
/* there was no $_POST form action, so display error message */
echo "Sorry, you have reached this page in error.";
Posted: Sun Dec 25, 2005 8:56 am
by lc
hmm how about removing: echo "Sorry, you have reached this page in error.";
Posted: Sun Dec 25, 2005 9:00 am
by foobar
Put the following line at the top of your script:
Posted: Sun Dec 25, 2005 9:03 am
by s.dot
lc wrote:hmm how about removing: echo "Sorry, you have reached this page in error.";
actually I added that in while I was being frustrated while the script wasn't working.
but i'll try the reporting, thanks.
Posted: Sun Dec 25, 2005 9:11 am
by s.dot
Warning: Cannot modify header information - headers already sent by (output started at /home/scott/public_html/modelmanager/includes/hash_base.php:175) in /home/scott/public_html/modelmanager/model_worker.php on line 58
is what I got, so I guess my problem does lie in the SHA256 code
here's Feyds sha256 hash base
line 175 is the very last line.
Code: Select all
<?php
/*******************************************************************************
*
* Hashing abstract base class definition file.
*
* (C) Copyright 2005 Developer's Network. All rights reserved.
*
* This library is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published by the
* Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* This library is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
* for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this library; if not, write to the
* Free Software Foundation, Inc.
* 59 Temple Place, Suite 330,
* Boston, MA 02111-1307 USA
*
*----- Version 1.1.0 ----------------------------------------------------------
*
* These classes generate PHP level error when an error, warning, or notice of
* some kind happens during execution. This allows you to "hide" any of these
* like you would any other function's error output using error_reporting().
*
*----- History ----------------------------------------------------------------
*
* 1.1.0 Split from hash_sha256.php
*
*----- Source Control Information ---------------------------------------------
*
* $Workfile: hash_base.php $
* $Author: Feyd $
* $JustDate: 05.04.06 $
* $Revision: 4 $
*
* $Header: /inc/hash_base.php 4 05.04.06 2:57p Feyd $
*
******************************************************************************/
// hashing class state and register storage object. Abstract base class only.
class hashData
{
// final hash
var $hash = null;
}
// hashing class message object. Abstract base class only.
class hashMessage
{
// retrieve the next chunk
function nextChunk()
{
trigger_error('hashMessage::nextChunk() NOT IMPLEMENTED', E_USER_WARNING);
return false;
}
// retrieve the current chunk
function currentChunk()
{
trigger_error('hashMessage::currentChunk() NOT IMPLEMENTED', E_USER_WARNING);
return false;
}
}
// hashing class message object for files. Abstract base class only.
class hashMessageFile extends hashMessage
{
function hashMessageFile( $filename )
{
trigger_error('hashMessageFile::hashMessageFile() NOT IMPLEMENTED', E_USER_WARNING);
return false;
}
}
// hashing class message object for URLs. Abstract base class only.
class hashMessageURL extends hashMessage
{
function hashMessageURL( $url )
{
trigger_error('hashMessageURL::hashMessageURL() NOT IMPLEMENTED', E_USER_WARNING);
return false;
}
}
// hashing class. Abstract base class only.
class hash
{
// The base modes are:
// 'bin' - binary output (most compact)
// 'bit' - bit output (largest)
// 'hex' - hexidecimal (default, medium)
// 'HEX' - hexidecimal (upper case)
// perform a hash on a string
function hash($str, $mode = 'hex')
{
trigger_error('hash::hash() NOT IMPLEMENTED', E_USER_WARNING);
return false;
}
// chop the resultant hash into $length byte chunks
function hashChunk($str, $length, $mode = 'hex')
{
trigger_error('hash::hashChunk() NOT IMPLEMENTED', E_USER_WARNING);
return false;
}
// perform a hash on a file.
function hashFile($filename, $mode = 'hex')
{
trigger_error('hash::hashFile() NOT IMPLEMENTED', E_USER_WARNING);
return false;
}
// chop the resultant hash into $length byte chunks
function hashChunkFile($filename, $length, $mode = 'hex')
{
trigger_error('hash::hashChunkFile() NOT IMPLEMENTED', E_USER_WARNING);
return false;
}
// perform a hash on a URL
function hashURL($url, $timeout = null, $mode = 'hex')
{
trigger_error('hash::hashURL() NOT IMPLEMENTED', E_USER_WARNING);
return false;
}
// chop the resultant hash into $length byte chunks
function hashChunkURL($url, $length, $timeout = null, $mode = 'hex')
{
trigger_error('hash::hashChunkURL() NOT IMPLEMENTED', E_USER_WARNING);
return false;
}
}
/*****************************************************************************
* $History: hash_base.php $
*
* ***************** Version 4 *****************
* User: Feyd Date: 05.04.06 Time: 2:57p
* Updated in $/inc
* adjust/modify some documentation for release of 1.1.0
*
* ***************** Version 3 *****************
* User: Feyd Date: 05.04.05 Time: 1:26a
* Updated in $/inc
* hashURL() finished.
*
* ***************** Version 2 *****************
* User: Feyd Date: 05.04.04 Time: 12:40a
* Updated in $/inc
* Finished hashFile(). Next up, hashURL().
*
* ***************** Version 1 *****************
* User: Feyd Date: 05.04.03 Time: 3:53a
* Created in $/inc
* Initial source control addition.
*****************************************************************************/
/* EOF :: Document Settings: tab:4; */
?>
I suppose I could just sha1 or md5 it.

Posted: Sun Dec 25, 2005 10:50 am
by josh
do you have any whitespace after the closing tag, or before the opening tag for that matter?
Posted: Sun Dec 25, 2005 10:53 am
by John Cartwright
Are you using Dreamweaver? If so, sometimes it will throw some hidden characters in your script. Try opening it in notepad to see the hidden chars.
Posted: Sun Dec 25, 2005 11:26 am
by Jenk
use isset() when checking for the existence of variables/indices, not !$var. That generates an error (notice error) if the var is not defined/set - which forces the headers to be sent.
Posted: Sun Dec 25, 2005 11:48 am
by Ambush Commander
If you have a hex editor, make sure ?> is indeed the last and <?php is the first.
Turn out output buffering and see if that works.