hiya. can someone help with this problem ?
i wrote a login script using the header function to redirect the client to a secure section. this works fine on a server using php version 4.3.10 but fails on another server using 4.4.2.
when the script is run, rather than go to the redirected page, the same script is run again with the query string attached to the url but with no output to the page. i then echo'd out some variables from the script but it will not get past the header function.
can anyone tell me whats going on here ?
thanks
weird differences using header() with php 4.3 and 4.4
Moderator: General Moderators
First of all, copy this code and check under "HTTP Headers Information" if there is something:
Secondly, check that your script doesn't print anything to the browser ("echo", "print" etc.).
Code: Select all
<?php
phpinfo();
?>the script falls over on the 3rd last line. the echo statements and the string argument to the die function within that IF condition blockwere tests which isolated the header() function as the problem. the script malfunctions equally well without them only the screen is blank.
thanks OK, i did a check using php info primarily to check the php version numbers but couldn't find a section called HTTP headers information. where is it ?
BTW $auth and $name are session variables.
hope you can help
thanks OK, i did a check using php info primarily to check the php version numbers but couldn't find a section called HTTP headers information. where is it ?
BTW $auth and $name are session variables.
Code: Select all
$user = $_POST["user"];
$pword = $_POST["pword"];
switch($do) {
case "login":
$connection = mysql_connect($host, $dbuser, $password) or die (mysql_error());
$db = mysql_select_db($database, $connection) or die (mysql_error());
$sql = "SELECT login_name FROM admin WHERE login_name='$user'";
$result = mysql_query($sql) or die (mysql_error());
$found = mysql_num_rows($result);
if ($found == 1) {
$sql2 = "SELECT pass_word FROM admin WHERE login_name='$user' AND pass_word='$pword'";
$result2 = mysql_query($sql2) or die(mysql_error());
$foundpass = mysql_num_rows($result2);
if ($foundpass == 1) {
echo "password found<br>";
$auth = "yes";
echo $auth;
$name = $user;
echo $name;
$today = date("Y-m-d H:m:s");
echo $today;
$sql3 = "INSERT INTO login (login_name, login_date) VALUES ('$name', '$today')";
mysql_query($sql3) or die ("this is weird");
header ("Location: admin.php");
exit();
}as i have said these echoes were to see if anything could be sent to the screen. the following code has the same no effect. i rewrote it from scratch to eliminate whitespace and commented out an irrelevance which might have caused a problem
the code for admin.php begins as follows.
and in previewing this post i have spotted the problem. thanks for your time guys.
Code: Select all
if ($foundpass == 1) {
$auth = "yes";
$name = $user;
// $today = date("Y-m-d H:m:s");
// $sql3 = "INSERT INTO login (login_name, login_date) VALUES ('$name', '$today')";
// mysql_query($sql3) or die ("this is weird");
header ("Location: admin.php");
exit();
}Code: Select all
<?php
session_start();
if ($auth != "yes") {
header("Location: index.php");
exit();
?>
<html>except, no...
except no, adding the missing curly brace has made no difference and i am left with my original problem