We Keep Coding

URL Redirecting issue does not redirect on server

I've fully functional website works fine on my site on my localhost wamp server but i upload the same file into the server on 1&1 the redirect does not work. the code is below
<?php require_once('../model/class.user.php'); ?>
<?php require_once('../model/class.person.php'); ?>
<?php require_once('../model/class.session.php'); ?>
<?php require_once('../model/class.loginrecord.php'); ?>
<?php require_once('../controller/general_functions.php'); ?>
<?php require_once('../controller/utility_functions.php'); ?>
<!DOCTYPE html>
<html lang="en">
<head>
if(isset($_POST['checkUser'])){
$usrnme = htmlspecialchars($_POST['un']);
$paswrd = htmlspecialchars($_POST['pwd']);
if(!empty($usrnme) && !empty($paswrd)){
//verify user credentials
$foundUser = User::verify(array($usrnme, $paswrd));
if($foundUser){ //if user found in DB
//$errors[] = "Username : found<br />";
$UID = $foundUser->id;
$userRole = $foundUser->role;
$userPersonID = $foundUser->person_id;//user_person_id has stored the reference to person's table
$ip = getenv('HTTP_CLIENT_IP')?:
getenv('HTTP_X_FORWARDED_FOR')?:
getenv('HTTP_X_FORWARDED')?:
getenv('HTTP_FORWARDED_FOR')?:
getenv('HTTP_FORWARDED')?:
getenv('REMOTE_ADDR')?: "UNKNOWN";
LoginRecord::save(array(null, $foundUser->id, getCurrentDateTime(), $ip));
$findPerson = Person::findByID($userPersonID);//find the user based on the
$userFN = Person::fullName($findPerson);//find the full name of the person
$session->setValues(md5('loginStatus'), encrypt('true'));
$session->setValues(md5('userID'), encrypt($UID));
$session->setValues(md5('userFullName'), encrypt($userFN));
if($userRole == ROLE_ADCMIN)
{
$session->setValues(md5('role'), encrypt(ROLE_ADCMIN));
redirectTO('admin/dashboard.php');
}
elseif ($userRole == ROLE_AGENT)
{
$session->setValues(md5('role'), encrypt(ROLE_AGENT));
redirectTO('agent/index.php');
}
elseif ($userRole == ROLE_OTHER)
{
redirectTO('superuser/index.php');
}
} else {
$errors[] = "Sorry Username/Password not valid <br />";
}//end if($foundUser)
} else {
$errors[] = "Text fields are empty.";
}
}
the function that redirect the page is below:
function redirectTO($url = null){
if($url != null){
header("Location:{$url}");
exit();
}
}
I've everything i could but it just does not work show blank page... can you please help me get out of this mess... do you have any idea?
Regards

use <?php ob_start(); ?> at the very start of the page and use <?php ob_end_flush(); ?> at the very end of the page.

It looks as though you are trying to redirect AFTER you have already outputted data. Headers must be sent before any output is sent to the browser.
Your HTML here:
<!DOCTYPE html>
<html lang="en">
<head>
is being outputted before your redirectTo function is called.
Also, you are missing an opening PHP tag after your HTML.

May be use only $url .. don't set $url=null
function redirectTO($url){
if($url != null){
header("Location:{$url}");
exit();
}
}
let me know if it works ..

Using URL With Variables to Effect Code

I was wondering how you use ? (question marks) in your website to make it do different stuff based on the variable in the url.
like:
http://example.com/php/learn/kinder.php?level=$level
like what's that called, and how do you use it?
I assume with a switch statement
This is my code at the momment:
<php
$con=mysqli_connect("host","username","pass","db");
//Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$level = mysqli_query($con,"SELECT gradek FROM profiles");
?>
<html>
<head>
<title> Redirecting </title>
<meta http-equiv="refresh" content="1; url=http://teachertechtutor.com/php/learn/kinder.php?level=$level>
</head>
<body>
</body>
</html>
Then i'd have a switch... I know it's pointless. I just want to know for future reference.
So my question is:
how to redirect using php variable in html
How to use the ? to change the code.
I used bolli's code and this is what appears in the web page:
`<meta http-equiv="refresh" content="1; url=http://teachertechtutor.com/php/learn/kinder.php?level2=> </head> <body> </body> </html>
And it still doesn't redirect correctly

In kinder.php place:
$level = $_REQUEST['level'];
echo $level;
And read about POST and GET request.
http://www.tizag.com/phpT/postget.php
Or do you mean how to place the variable in the URL?
Either do
<meta http-equiv="refresh" content="1; url=http://teachertechtutor.com/php/learn/kinder.php?level=<?php echo $level;?>>
or
echo "<meta http-equiv="refresh" content="1; url=http://teachertechtutor.com/php/learn/kinder.php?level=".$level;
EDIT / UPDATE
Are you trying to get the variable and based on it, switch the page content?
You could do something like this?
<?php
//you could load header here
//include 'header.php';
/*
*Load content based on $_get parameter
*/
// Get the $variable from the url after the level=
$page = (isset($_GET['level'])) ? $_GET['level'] : 'index';
//Check to see if the file exist
if (!file_exists($page . '.php'))
{
//echo "File does not exist" . $page;
}
switch ($page)
{
case 'test':
include('test.php');
break;
case 'test2':
include('test2.php');
break;
case 'test3':
include('test3.php');
break;
//Defualt start page
default:
include('index.php');
}
// You could load footer here
//include 'footer.php';
?>

User profile data does not appear after logging in

I am creating a social network website where each user has his own profile, but there is a problem when I log in, the profile page does not appear. I used cookies and sessions I did lot of research about the problem but without any success, so I think that the problem is in the cookies. I do not know how to fix it; if anyone can help me, I will appreciate that.
profile.php
<?php
ob_start();
require_once('for members/scripts/global.php');
if($logged == 1){
echo("you need to be loged in to view profiles");
exit();
}
if(isset($_GET['id'])){
$id=$_GET['id'];
$id= preg_replace("#[^0-9]#","",$id);
}else{
$id=$_SESSION['id'];
}
//collect member information
$query = mysql_query("SELECT * FROM members WHERE id='$id'LIMIT 1") or die("could not collect user information ");
$count_mem = mysql_num_rows($query);
if($count_mem == 0){
echo("the user does not exit");
exit();
}
while($row = mysql_fetch_array($query)){
$username = $row['username'];
$fname = $row['firstname'];
$lname = $row['lastname'];
$profile_id= $row['id'];
if($session_id == $profile_id){
$owner = true;
}else{
$owner = false;
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title><?php print("$fname"); ?> <?php print("$lname"); ?>'s profile</title>
<link href="style/stylesheet.css" type="text/css"/>
</head>
<body>
<div class="container center">
<h1><?php print("$username"); ?></h1>
<?php
if($owner == true ){
header("Location: profile.php");
?>
<!--
edit profile<br />
account settings<br />
-->
<?php
}else{
header("Location: index.php");
?>
<!--
private message<br />
add as friend<br />
-->
<?php
}
?>
</div>
</body>
</html>
<?php flush(); ?>
If you need other related code, let me know. Thank you.

There are quite a few things wrong with the code that you have displayed. For starters, Do not use mysql_ functions. From the PHP manual
This extension is deprecated as of PHP 5.5.0, and is not recommended for writing new code as it will be removed in the future. Instead, either the mysqli or PDO_MySQL extension should be used.
Secondly, your header redirects are imbedded in your HTML, which is bad practice and you've only been saved by ob_start(). With that though, you have a conditional that will either redirect to 'profile.php' or 'index.php', be lucky you get redirected to 'index.php', otherwise you'd have a forever self-redirecting page.
I can't see if/where you ever set the variable $session_id, but from what can be seen, it's null and will never == $profile_id, so $owner will always be false.
With that, you have a while loop while fetching one row...remove it, no need for it.
Now for some of the logic in your code. If you have to be the profile owner in order to view it, check that immediately after your query, and if not the owner, header("Location: index.php"); die; and don't have an else, anything following it means that it's the profile owner viewing the page.
Also, you need to make sure session_start(); is at the top of the page if you plan on using the session variables. You have ob_start(); up there, but at the end you call flush(). Read up on ob_start() and call the proper flush function for the buffer you started.

Script Redirecting Even when valid

This is a little script that supposed to redirect if someone came from a different page, but it's does not work.
It keeps redirecting to the form page.
Here's the code
<?php
define('FORM', 'form.html');
$referer = $_SERVER['HTTP_REFERER'];
// this keeps redirecting even when I came by submiting the form to this page
if ( $referer != FORM ) {
header('Location: ' .FORM);
}
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Testing 123</title>
</head>
<body>
<?php
$name = $_GET['name'];
$surname = $_GET['surname'];
echo 'hello'. $name. 'nice to see you here mr' .$surname;
?>
</body>
</html>

You could test if the user came from the "form page" by checking if a certain $_POST variable has been sent. For example you could try something like
if(isset($_POST['somehiddenvalue']) && $_POST['somehiddenvalue'] == $hiddenVal) {
// ok.
} else {
// redirect
}
The user will still be able to manipulate the Post variables, keep this in mind.

I suppose what is causing you trouble, is that you don't exit the script after calling header():
header('Location: ' . FORM);
exit;
Anyway you should consider checking for the required parameters, instead of relying on $_SERVER['HTTP_REFERER'], as sending the referrer-info may be disabled in the user's browser.
isset($_GET['name']) : $name = $_GET['name'] ? $name = null;
isset($_GET['surname']) : $surname = $_GET['surname'] ? $surname = null;
if (empty($name) || empty($surname)) {
header('Location: ' . FORM);
exit;
}
Additionally you should escape $_GET['name'] and $_GET['surname'] before outputting it!

Jquery login form driving me crazy

So I have a home page where a user can log in. Once they log in I need them to redirect them to index.php that just pulls there information. The Jquery makes a call to index.php where it runs a check against Mysql, if the user doesn't exist it alerts not a valid user. Now if it does I need to send them back to index.php.
Hers is index.php
<?php
include_once 'includes/membersclass.php';
session_start();
$member = new MEMBERS();
if(!isset($_SESSION['id'])) {
if($_POST['action'] == true) {
$result = $member->login($_POST);
if($result) {
$_SESSION['id'] = $result;
echo $_SESSION['id'];
} else {
return false;
}
}
if($_POST['signup'] == 'true') {
$result = $member->signup($_POST);
if($result) {
$_SESSION['id'] = $result;
} else {
header("Location: root.php");
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel='stylesheet' type='text/css' href='css/members.css' />
</head>
<body>
<div id="calendar_container">
<?php $member->drawCalendar(2, 2011); echo $_SESSION['id']; ?>
</div>
</body>
</html>
As you can see Jquery makes the initial call to index.php with a post and get the response back. I set the session to store the user id. On the same page is where the users profile will show. How do I get back here on successful login. Am I even doing it right, should this be separate from the PHP to begin with. Uggghhh, please help.

The question is a bit vague, but if I understand correctly you want to reload the index.php page after a successful login.
if(!isset($_SESSION['id'])) {
if($_POST['action'] == true) {
$result = $member->login($_POST);
if($result) {
$_SESSION['id'] = $result;
echo $_SESSION['id'];
} else {
return false;
}
}
If I'm not mistaken, this piece of code checks if user is already logged in. If not, your checking if the previous Jquery page has given either an 'action' (which I assume is a login call) or a 'signup' (which I assume is to create a new account).
In this case, if 'action' is chosen, you check if the user exists ($result = $member->login($_POST);) and if he does, you create the session ID, and the index-page should show the profile.
Since the $_SESSION['id'] has only been assigned after the page has loaded, it does not check if the $_SESSION['id'] has been assigned again. So you have to reload the page to do this:
if(!isset($_SESSION['id'])) {
if($_POST['action'] == true) {
$result = $member->login($_POST);
if($result) {
$_SESSION['id'] = $result;
echo $_SESSION['id'];
header("Location: index.php");
} else {
return false;
}
}
Now it will call the index.php again, it goes past the if(!isset($_SESSION['id'])) part, since this time the session is created, and to the code (which is not yet present here?) that will take care of the profile.
I have to assume quite a bit here, but tell me how close I am.
PS:
if($_POST['action'] == true)
and:
if($_POST['signup'] == 'true')
Once you have true without quotes, once with. I think you just want to check which one is set? This will suffice:
if(isset($_POST['signup']))
and
if(isset($_POST['action']))
Makes the code more consistent and less prone to errors.