Redirect using a Buffer

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
MikeCXT
Forum Newbie
Posts: 14
Joined: Fri Jan 13, 2006 1:26 pm

Redirect using a Buffer

Post by MikeCXT »

Hello. I have a login page that when correct information is submitted, redirects to a new page. My problem is the issue that no data can be send before the header() statement. I currently have include()s that are at the begining, which contain my password info for mySQL database, which I connect to in order to run sanatizing scripts, etc.

So, the includes have to remain as far as I can tell. After searching for a while, I came across the php buffer. I 'think' this means I could put the include()s in the buffer, but I can not figure out the order works... in other words...

Code: Select all

ob_start();

include_once('xPath.inc.php');
include_once($pathRoot.'password.inc.php');
include_once($pathClass.'mysqldb.class.php');

// perhaps here would go ob_end_flush() ????


//Open Connection to Database
$db = new MySQLClass();
$db->connect(MYSQL_HOST, MYSQL_USERNAME, MYSQL_PASSWORD); 
$db->select(MYSQL_DB);

//Sanitize Inputs from SESSION and POST
sanitize_inputs();

// I then use some if else statements to find out if the login information is the same as the database, $dataPresent is defined for the below if statement, and no includes or any information is passed to the browser in all this code.

if ($dataPresent == "yes" ) {
  header("location: http://www.domain.com/directory/workshop.php");
  exit;
}
Is Buffering a good option for this problem? If so, I can not figure out when to call the buffer and buffer flushing commands. The Order of everything must remain I think, since I have to have the password include() in order to be able to access mySQL for sanitizing, then checking if the login data matches the database, THEN submitting the header redirect if login verified.

Any ideas on how to make this work as intended? Or is this not possible with my current setup, and would JavaScript be better then?

Thank you for any and all help.
-Mike-
User avatar
xinnex
Forum Commoner
Posts: 33
Joined: Sun Jan 07, 2007 7:38 pm
Location: Copenhagen, Denmark

Post by xinnex »

Assuming that I undertand your question, then..

The includes isn't actually the problem. The problem is that your are sending content to the output-stream before redirecting..
Yes, you could solve your problem with outputbuffering, but a more proper way would be to make sure that your includes don't output anything unless necesarry (eg. wrap output in functions)
MikeCXT
Forum Newbie
Posts: 14
Joined: Fri Jan 13, 2006 1:26 pm

Post by MikeCXT »

Thank you Xinnex,

I wrapped my password information in a function, then called the function on my login.php page, and it worked. The page correctly redirects while my includes remain in place. Thank you very much.

Since I am changing the password file, the old was:

Code: Select all

<?php 
define('MYSQL_USER', 'random'); 
define('MYSQL_PASS', 'randomagain'); 
define('MYSQL_HOST', 'mysql.adomain.com'); 
define('MYSQL_DATB', 'my_db');
?>

The new one is:

Code: Select all

<?php 
if (1==1) {
define('MYSQL_USER', 'random'); 
define('MYSQL_PASS', 'randomagain'); 
define('MYSQL_HOST', 'mysql.adomain.com'); 
define('MYSQL_DATB', 'my_db');
} 
?>
This is still secure, correct? The file is located in the root directory (? The directory above the domain directory). I just want to make sure this is still secure. As I said earlier, I was using a function, but I also found that the if statement works and makes it so I do not have to call the function, so less code in each page that uses this file.
Post Reply