header not working properly is there any other way?

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
pinjubp
Forum Newbie
Posts: 3
Joined: Mon Mar 10, 2008 2:15 pm

header not working properly is there any other way?

Post by pinjubp »

i am new here
plz help me

Code: Select all

$GLOBALS["smarty"]->display('login.tpl');
 
 
 
if($GLOBALS["Get"]->val("submit")!=""){
    
        $admin = $GLOBALS["Get"]->val("admin");
        $password = $GLOBALS["Get"]->val("password");
        $p=md5($password);
        $db = new sqldb;
        $sql_query="SELECT * FROM admin WHERE user='$admin' AND PASSWORD ='$p' LIMIT 1";
        $value=$db->result($sql_query);
        
        $sn =new session;
        if($value['user']&&$value['password']){
        $sn->setSess('adminuser','yes');
        //echo $value['user'];
        header("Location: index.php?page=adminpage");
        
 
} 
    }
 
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Re: header not working properly is there any other way?

Post by alex.barylski »

Why is it not working?

Try an absolute path:

Code: Select all

header('Location: http://www.domain.com/index.html');
anto91
Forum Commoner
Posts: 58
Joined: Mon Mar 10, 2008 10:59 am
Location: Sweden

Re: header not working properly is there any other way?

Post by anto91 »

pinjubp wrote:i am new here
plz help me

Code: Select all

$GLOBALS["smarty"]->display('login.tpl');
 
 
 
if($GLOBALS["Get"]->val("submit")!=""){
    
        $admin = $GLOBALS["Get"]->val("admin");
        $password = $GLOBALS["Get"]->val("password");
        $p=md5($password);
        $db = new sqldb;
        $sql_query="SELECT * FROM admin WHERE user='$admin' AND PASSWORD ='$p' LIMIT 1";
        $value=$db->result($sql_query);
        
        $sn =new session;
        if($value['user']&&$value['password']){
        $sn->setSess('adminuser','yes');
        //echo $value['user'];
        header("Location: index.php?page=adminpage");
        
 
} 
    }
 
The first row show to us is an output, do be able to uses headers after output you need to start your script with ob_start(); and preferably end with ob_end_flush();
Post Reply