redirecting in php

Question

jacob21 0 Posting Whiz in Training

13 Years Ago

Hi,
I am working on login form.When i redirect a page its showing an error given below.

Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\job\login.php:49) in C:\xampp\htdocs\job\login.php on line 50

need help.
Thanks

<?php
//Start session
	session_start();
	
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="ihmjob"; // Database name
$tbl_name="login"; // Table name

// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect server ");
mysql_select_db("$db_name")or die("cannot select DB");

//Array to store validation errors
	$errmsg_arr = array();
	
//Function to sanitize values received from the form. Prevents SQL injection
	function clean($str) {
		$str = @trim($str);
		if(get_magic_quotes_gpc()) {
			$str = stripslashes($str);
		}
		return mysql_real_escape_string($str);
	}


if(isset($_POST['submit']))
{
//Sanitize the POST values
	$login = clean($_POST['uemail']);

	$password = clean($_POST['pass']);
	
 //Input Validations
	if($login == '') {
		$errmsg_arr[] = 'Login ID missing';
		$errflag = true;
	}
	if($password == '') {
		$errmsg_arr[] = 'Password missing';
		$errflag = true;
	}
	
//If there are input validations, redirect back to the login form
	if($errflag) {
		$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
		session_write_close();
		echo "Wrong username & password";
		header("location: login.php");
		exit();
	}

//Create query
	$qry="SELECT * FROM login WHERE uemail='$login' AND pass='$password'";
	echo "SELECT * FROM login WHERE uemail='$login' AND pass='$password'";

	$result=mysql_query($qry);
	
//Check whether the query was successful or not
	if($result) {
		if(mysql_num_rows($result) == 1)
		 {
			 echo "Login Successful";
			/*session_regenerate_id();
			$member = mysql_fetch_assoc($result);
			$_SESSION['SESS_MEMBER_ID'] = $member['member_id'];
			$_SESSION['SESS_FIRST_NAME'] = $member['firstname'];
			$_SESSION['SESS_LAST_NAME'] = $member['lastname'];
			session_write_close();
			header("location: member-index.php");
			exit();
		}*/
		header("location: admin.php");
			exit();
			
			
		}
		else {
			echo "Login failed";
			header("location: login-failed.php");
			exit();
		     }
		     }
	}
?>

php

4 Contributors
8 Replies
234 Views
4 Months Discussion Span
Latest Post 13 Years Ago Latest Post by riseguim

ndeniche 402 Posting Virtuoso

13 Years Ago

You can't send a header("location:page.php") command after sending html code to the webpage. You must do it when the page's headers haven't been loaded yet.

Though you can try doing it with a bit of javascript.

ndeniche 402 Posting Virtuoso

13 Years Ago

Try removing line 55. The data print into the page counts as a page header, so the header("location...") function won't work.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

jacob21 0 Posting Whiz in Training · Answer 1 · 2011-03-14T13:48:36+00:00

Hi,still getting same error.
Please give me any suggestion.
Thanks

<?php
//Start session
	session_start();
	
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="ihmjob"; // Database name
$tbl_name="login"; // Table name

// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect server ");
mysql_select_db("$db_name")or die("cannot select DB");

//Array to store validation errors
	$errmsg_arr = array();
	
//Function to sanitize values received from the form. Prevents SQL injection
	function clean($str) {
		$str = @trim($str);
		if(get_magic_quotes_gpc()) {
			$str = stripslashes($str);
		}
		return mysql_real_escape_string($str);
	}


if(isset($_POST['submit']))
{
//Sanitize the POST values
	$login = clean($_POST['uemail']);

	$password = clean($_POST['pass']);
	
 //Input Validations
	if($login == '') {
		$errmsg_arr[] = 'Login ID missing';
		$errflag = true;
	}
	if($password == '') {
		$errmsg_arr[] = 'Password missing';
		$errflag = true;
	}
	
//If there are input validations, redirect back to the login form
	if($errflag) {
		$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
		session_write_close();
		header("location: login.php");
		exit();
	}

//Create query
	$qry="SELECT * FROM login WHERE uemail='$login' AND pass='$password'";
	echo "SELECT * FROM login WHERE uemail='$login' AND pass='$password'";

	$result=mysql_query($qry);
	
//Check whether the query was successful or not
	if($result) {
		if(mysql_num_rows($result) == 1)
		 {
			 echo "Login Successful";
			/*session_regenerate_id();
			$member = mysql_fetch_assoc($result);
			$_SESSION['SESS_MEMBER_ID'] = $member['member_id'];
			$_SESSION['SESS_FIRST_NAME'] = $member['firstname'];
			$_SESSION['SESS_LAST_NAME'] = $member['lastname'];
			session_write_close();
			header("location: member-index.php");
			exit();
		}*/
		header("location: admin.php");
			exit();
			
			
		}
		else {
			
			header("location: login-failed.php");
			exit();
		     }
		     }
	}
?>

jacob21 0 Posting Whiz in Training · Answer 2 · 2011-03-14T15:12:00+00:00

Thanks Nichito,
now its working.
another thing i want to discuss how to make a welcome message when a particular user login i.e..
if admin login then it shows
Welcome admin logout[/B]
otherwise welcome guest

should i make a session of username.
need your valuable suggestion

Thanks

amie900218 0 Newbie Poster · Answer 3 · 2011-03-14T15:35:59+00:00

yes, u should, its better have a session of username in order to direct specific user to specific page.
example like this code.
this code is for admin.

<?php

$username = $_POST['username'];
$password = md5($_POST['password']);

if($username&&$password)
{
$connect = mysql_connect("localhost","root","") or die("mysql error");
mysql_select_db("databse") or die("DB ERROR");

$query = mysql_query("SELECT * FROM admin WHERE username='$username'");

$numrows = mysql_num_rows($query);

if ($numrows!=0)
{
	while ($row = mysql_fetch_assoc($query))
	{
		$dbusername = $row['username'];
		$dbpassword = $row['password'];
		
	}
	
	// check if they match
	if ($username==$dbusername&&$password==$dbpassword)
	{
		echo "your are in. <a href='http://localhost/MPPPORTAL%28FINAL%29/visitor/index.php'>click</a> here to enter member page";
		$_SESSION['username']=$username;
		
	}
	else
		echo "incorretc password";

}
else
	die("dont exist");

}
else
	die("Please enter username");

?>

jacob21 0 Posting Whiz in Training · Answer 4 · 2011-03-14T15:45:55+00:00

Thanks amie900218,
how to display login member name on each page.
using session_start(); on each page.

thanks

amie900218 0 Newbie Poster · Answer 5 · 2011-03-14T16:04:47+00:00

<?php
session_start();

if (!isset($_SESSION['username'])) {
header('Location: indexMemberLogin.php');
}
?>

put coding above on every page..
and the function for isset above means if user session is not set(unset after we logout), so it will be redirect to login page. if someone try to click "go back one page" after he/she logout, the page will redirect to login page.
and below is coding for display member name on each pages after login.

<html>

<head>
<title>Secured Page</title>
</head>

<body>

<p>Welcome <b><?php echo $_SESSION['username']; ?></b>
<br>You can put your restricted information here.</p>
<p><a href="logout.php">Logout</a></p>

</body>

</html>

riseguim 0 Light Poster · Answer 6 · 2011-07-12T20:03:25+00:00

<?php
session_start();
if(!isset($_SESSION["username"]))
{
   header('Location: login.php');
   exit;
} 
?>

This icode working for Firefox, but in IE it just doesn't load anything... Like at all... Do you have any idea? It's almost the same as the code in your post. I really need to figure this out