HI All,
I'm developing a security system for a CMS but it appears that my redirect does not work.

I'm using sessions and I know that the session is being created since I did an echo on session_id().

<?php if($count==1)
{
	$_SESSION['loggedin']=1;
	print "logged in";
	header('Location: edit.php');
	print "no";
}
else {
echo "Wrong Username or Password";
}
?>

What's wrong, and how do I fix it to redirect after the user is authenticated?

Cheers,

Do you have

<?php session_start(); ?>

at the top of your pages?

exit after redirection

header('location: edit.php');	
exit;

Hey guys, thanks for the fast responses!

Do you have

<?php session_start(); ?>

at the top of your pages?

Yes, it is right at the top of the page for authenticate.php (the page I'm having issues with) and edit.php. Do I need one for login.php?

exit after redirection

header('location: edit.php');	
exit;

I've added it on but it doesn't seem to make a difference.

Looking through the error log, I found this:

[13-May-2010 12:47:09] PHP Warning: Cannot modify header information - headers already sent by (output started at /Applications/MAMP/htdocs/authenticate.php:26) in /Applications/MAMP/htdocs/authenticate.php on line 28
[13-May-2010 12:49:10] PHP Warning: Cannot modify header information - headers already sent by (output started at /Applications/MAMP/htdocs/authenticate.php:26) in /Applications/MAMP/htdocs/authenticate.php on line 27

All I'm doing is getting the login and password contents from login.php, checking against sql injection attacks and then running a query to authenticate the user before producing output.

Cheers,

so u r not redirecting to edit.php. right...
ok then paste this on top of ur code.

ob_start();

and after header paste

ob_end_flush();

i think it works..

dont forget to mark as solved if it is done.

I just fixed it. The clue was that the log said output started at line 26. I just had a look at the code, and I was echo'ing the session variable to check whether it had been changed. I removed it and it's all working now :)

do not print or echo anything or do not write html code before calling header() function.

Nice solution. That'll definitely help us :)

Mike,

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.