Ive read pretty much alot of post about this but seems like its not helping me.
I have been working an a testing local server and everything has been working swimmingly, but when I uploaded it to the web the php is suddenlly not working properly. I am connected to the db and all. the main issues I have is with the header (as far as I know).
I have been shaving bits of code and simplifying it to narrow down the problem and came to the conclusion that it was the header:
<?php
require 'admin/Connections/Connections.php';
session_destroy();
if(isset($_POST['Login'])){
$UN = $_POST['Username'];
$PW = $_POST['password1'];
$result = mysql_query("select * from admin where Username='$UN'");
$row = mysql_fetch_array($result);
echo $row['Password'];
echo $_POST['password1'];
if($PW == $row['Password']){
header('Location: admin/home.php');
}else{
$_SESSION["LoginFail"] = "Yes";
}
}
?>
the echo spits out both $post and $row as the same value so I know it should execute the header, but it just refreshes the page with the added echos.
I tried replacing the url with something like http://www.google.com/ but that takes me to a blank page with the echos. what am I missing? if it is something obvious you have permission to trash me as long as you give me an answer...
Echoing output before you use header() will stop the header from working. From the PHP documentation for header():
Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP.
At minimum, the header() call should precede the echo calls you have in your code. If that doesn't work, check to see if any output is happening in the require()ed file at the top of your code.
You are outputting HTML with echo. Therefore, header will not redirect.
Solutions:
1) Add ob_start() at the page start. This will store all your output to buffer and thus your page will not have any HTML output, redirection will occur.
2) Comment the code of echos.
3) Use javascript redirect:
echo "<script>window.location.href='admin/home.php';</script>";
This will work irrespective of what is output on the page.
You cant use PHP's header function after an echo, just put it before your echo, then it should work.
You cannot use header() function if you make any output to the client. Sometimes it's referred as "headers already sent" notice.
Also, consider moving alway from mysql_* functions as they're deprecated and won't be supported anymore. Try mysqli.
First, remove your echo statements or comment them.
when you are taking the user to some other page why the hell are you echoing anything here? To show to whom?
and write ob_start(); at the top of your PHP file i.e:
<?php
ob_start();
--------the rest of your code---
Related
No idea why this is not working. Here is the code:
if ((isset($_POST['cancel'])) && ($_POST['cancel'] == 'cancel'))
{
header('Location: page1.php');
echo $_POST['cancel'];
}
Instead of redirecting the page, this output's cancel to the webpage. It skipped over the redirect. Why? How can I fix this? page1.php is a real page located in the same folder as the current page. The above code is the very first lines of the php file. Nothing before it. Nothing. Not even whitespace.
This is likely a problem generated by the headers being already sent.
Why
This occurs if you have echoed anything before deciding to redirect. If so, then the initial (default) headers have been sent and the new headers cannot replace something that's already in the output buffer getting ready to be sent to the browser.
Sometimes it's not even necessary to have echoed something yourself:
if an error is being outputted to the browser it's also considered content so the headers must be sent before the error information;
if one of your files is encoded in one format (let's say ISO-8859-1) and another is encoded in another (let's say UTF-8 with BOM) the incompatibility between the two encodings may result in a few characters being outputted;
Let's check
To test if this is the case you have to enable error reporting: error_reporting(E_ALL); and set the errors to be displayed ini_set('display_errors', TRUE); after which you will likely see a warning referring to the headers being already sent.
Let's fix
Fixing this kinds of errors:
writing your redirect logic somewhere in the code before anything is outputted;
using output buffers to trap any outgoing info and only release it at some point when you know all redirect attempts have been run;
Using a proper MVC framework they already solve it;
More
MVC solves it both functionally by ensuring that the logic is in the controller and the controller triggers the display/rendering of a view only at the end of the controllers. This means you can decide to do a redirect somewhere within the action but not withing the view.
I have experienced that kind of issue before and now I'm not using header('Location: pageExample.php'); anymore, instead I'm using javascript's document.location.
Change your:
header('Location: page1.php');
To something like this:
echo "<script type='text/javascript'> document.location = 'page1.php'; </script>";
And what is the purpose of echo $_POST['cancel']; by the way?, just delete that line if what you want is just the redirection. I've been using that <script> every time and it doesn't fail me. :-)
Use #obstart or try to use Java Script
put your obstart(); into your top of the page
if ((isset($_POST['cancel'])) && ($_POST['cancel'] == 'cancel'))
{
header('Location: page1.php');
exit();
}
If you use Javascript Use window.location.href
window.location.href example:
if ((isset($_POST['cancel'])) && ($_POST['cancel'] == 'cancel'))
{
echo "<script type='text/javascript'>window.location.href = 'page1.php';</script>"
exit();
}
I had also the similar issue in godaddy hosting.
But after putting ob_start(); at the beginning of the php page from where page was redirecting, it was working fine.
Please find the example of the fix:
fileName:index.php
<?php
ob_start();
...
header('Location: page1.php');
...
ob_end_flush();
?>
I had similar problem...
solved by adding ob_start(); and ob_end_flush();
...
<?php
ob_start();
require 'engine/vishnuHTML.class.php';
require 'engine/admin/login.class.php';
$html=new vishnuHTML();
(!isset($_SESSION))?session_start():"";
/* blah bla Code
...........
...........
*/
</div>
</div>
<?php
}
ob_end_flush();
?>
Think of ob_start() as saying "Start remembering everything that would normally be outputted, but don't quite do anything with it yet."
ob_end_clean() or ob_flush(), which either stops saving things and discards whatever was saved, or stops saving and outputs it all at once, respectively.
For me also it was not working. Then i try with javascript inside php like
echo "<script type='text/javascript'> window.location='index.php'; </script>";
This will definitely working.
Pekka answered my question in the comments. He didn't post an answer, so I am now. Use the exit() method after the header redirect. For some reason the rest of the code of the page continues to execute after the header() method redirect. When the rest of the code executes, the echo statement is outputted to the page. And you can't redirect using the header function after you output to the page. To avoid rest of the code from executing, use exit(). Thanks Pekka.
UPDATE: When using the web browser Internet Explorer, I have noticed that $_POST['cancel'] is not reliable. I am not exactly sure why this is, but I suspect IE posts additional variables on a form submit, specifically the variable 'cancel' is posted. I solved this by using a variable name other than 'cancel'. The combination of using exit() and a unique variable name is working for me.
Neer to specify exit code here so php not execute further
if ((isset($_POST['cancel'])) && ($_POST['cancel'] == 'cancel'))
{
header('Location: page1.php');
exit(0); // require to exit here
}
Try adding
ob_start();
at the top of the code i.e. before the include statement.
Make Sure that you don't leave a space before <?php when you start <?php tag at the top of the page.
Be very careful with whitespace and other stuff that may affect the "output" already done. I certainly know this but still suffered from the same problem. My whole "Admin.php"-file had some spaces after the closing php-tag ?> down the bottom on the last row :)
Easily discovered by adding...
error_reporting(E_ALL);
...which told me which line of code that generated the output.
Try this, Add #ob_start() function in top of the page,
if ((isset($_POST['cancel'])) && ($_POST['cancel'] == 'cancel'))
{
header('Location: page1.php');
exit();
}
Use the following code:
if(isset($_SERVER['HTTPS']) == 'on')
{
$self = $_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
?>
<script type='text/javascript'>
window.location.href = 'http://<?php echo $self ?>';
</script>"
<?php
exit();
}
?>
put < ?php tag on the top of your file (starting on frist line of document)
not:
--- Blank space or something ---
<?php
but:
<?php
..your code
header('Location: page1.php');
...
This is the code:
if($rowCheck>0) {
session_start();
while($row = mysql_fetch_assoc($check)) {
$_SESSION['developer'] = $row;
}
header("Location: http://".$_SERVER['SERVER_NAME']."/index.php");
}
else
echo 'Invalid Password or Email!';
Everything is working fine except the header, and if i write an echo after the header it will work normally. Also if i printed the location, it will show me the exact and right location.
I'm running on mamp and macos. So it's on a localhost.
Any help ?
As scott said, you need the exit() or die() after the header.
Also, check that there are no empty spaces before or after your opening and closing php tags, like this:
<?php
That will cause header functions to fail, as it is considered input. Any related include files should be checked as well.
Add exit() or die() after the header line. The header function does not stop execution of the rest of the script.
just comment everything and paste at the right beginning header("Location: http://".$_SERVER['SERVER_NAME']."/index.php"); and see if it is working. If not, check for a BOM encoding.
Couple things.
First I would put ini_set("display_errors", 1); at the very top of your page within the PHP code. You may be getting a "headers already sent" error.
Add an exit after the header to keep the script from going any further:
header("Location: http://".$_SERVER['SERVER_NAME']."/index.php");
exit;
Lastly this bit doesn't make sense.
while($row = mysql_fetch_assoc($check)) {
$_SESSION['developer'] = $row;
}
You're setting that session variable once so you don't need the while. You're also setting it equal to a mysql resource (which you may intend to do), but maybe you just need a column
$row = mysql_fetch_assoc($check);
$_SESSION['developer'] = $row['username'];
I wrote this script , but no redirect , so what is the problem
please assist me asap
<?php
include('config.php');
$number = intval($_POST['catid']);
$query = mysql_query("SELECT * FROM sound_link WHERE linkid =$linkid");
$check = $rows["catid"];
if ($check = 3)
{
echo '<B>..You will go to audio.php page.....................';
echo "<META HTTP-EQUIV='refresh' CONTENT='0; URL=AUDIO.php?linkid=$linkid'>";
echo mysql_error();
}else{
echo '.... You will stay text.php page';
}
?>
<php include 'text.php' ;?>
and I ask if I want to use header function instead of meta refresh
please kidly find a mistake I made in code
THANKS
First of all, I cannot see $linkid variable set on your script and you got a mistake on if ($check = 3) line. you just defined $check variable as 3 there. change that line with if ($check == 3) and where did you set $rows variable?
For the redirect to work, the best way to do is by HTTP Redirect, which means you have to redefine the HTTP Header.
You can get more information here: http://php.net/manual/en/function.header.php
Also note that, for the header function work without problem, you should do the redirect BEFORE you output any html code to the user, so, this MUST happen before any "echo" or php end tag ?> followed by any html content.
You should also not output any content after this, which means you should do the following:
header('Location: http://www.example.com/');
exit; // this makes sure your script execution ends here
Your question is not clear enough, but if I understood, redirect is not your only problem, you are using a $linkid variable inside a SQL query without defining it first.
Your snippet have also a potential SQL Injection flaw, you should read about it before interpolating variables with SQL queries. mysql_real_escape_string could be of some help, please read it before putting your code on production: http://php.net/manual/en/function.mysql-real-escape-string.php
I have the code below:
<?php
session_start();
echo "\n\n";
echo "inputAction.php started";
//echo "<br/><br/>";
$name = $_POST["theUser"];
$passw = $_POST["thePassword"];
if (!strcmp($name, "myPassw") && !(strcmp($passw, "1234")) )
{
//echo "correct";
$_SESSION['sessionUser']=$name;
$_SESSION['sessionPassword']=$passw;
header("location:a.php");
}
else
{
//echo "wrong";
header("Location: index.php");
}
?>
My first attempt here is to echo "inputAction.php started"; after session_start();
However, I found out that I got an error:
inputAction.php started
Warning: Cannot modify header information - headers already sent by (output started at /Library/WebServer/Documents/01032011/inputAction.php:4) in /Library/WebServer/Documents/01032011/inputAction.php on line 16
But I notice that this will be fine if I comment out the echo after session_start();
<?php
session_start();
//echo "\n\n";
//echo "inputAction.php started";
//echo "<br/><br/>";
$name = $_POST["theUser"];
$passw = $_POST["thePassword"];
if (!strcmp($name, "myPassw") && !(strcmp($passw, "1234")) )
{
//echo "correct";
$_SESSION['sessionUser']=$name;
$_SESSION['sessionPassword']=$passw;
header("location:a.php");
}
else
{
//echo "wrong";
header("Location: index.php");
}
?>
What happened? Can somebody explain why echo makes the error?
Does that mean that it's a rule not to use echo after session_start?
Any other ways to print logs (alternative to echo) that I can use after session_start?
No, the rule is rather not to output anything before header. And if you take a closer look onto the error message, it says: “Cannot modify header information […] on line 16” because “output started at […]:4”.
The line where the output started does not need to be the first one with echo as PHP does also have an internal buffer that is not flushed with every echo call.
If you want to output something before header you need to buffer it using the output control. So just call ob_start before anything else and every output is buffered so that the HTTP header can be modified even if some output already happened:
<?php
ob_start();
session_start();
// …
That warning is produced with calling the header() function. The header() function sets HTTP header for the response you are sending back. And HTTP header must be the first thing in the response. No other output can be displayed before them.
There are many solutions to this problem. One is to turn on output buffering, which will magically take care of this. The better solution is to structure your code so that you don't output anything before any calls to the header() (or session_start() function). If you would use some MVC framework (cakephp, symphony, zend, ...) you wouldn't even have to worry about it.
This exact problem has been dealt here numerous times (it's one of the most popular questions about PHP). Look at this search results.
Also invest some time in reading PHP's error messages. The error message you provided clearly states that the error was "thrown" in the header() line, and which line started the output.
You've already sent information to the browser with the \n\n, so the browser constructed a page with default headers, as it will do if you send it any text at all (even a single character).
The browser's thinking, "OK, this is just plaintext, so I'll make it into HTML the best I know how and output it." As it does this, headers are made, and the document body is created, so any more headers you want to send it are ignored until this process is restarted (with a refresh).
For this not to happen, don't send any information to the browser until you're ready for it to start constructing the page.
Object buffering is an intermediate-difficulty topic that will take a while to get right if you haven't done it before.
Because you are using the header() function in your else statement, anytime your code goes in there, it tries to redirect your page. However, like Gumbo said, header() will throw an error if there is anything output to the browser before it is called.
If you want it to echo that and then redirect, so that the user can see it, you could do it with some good, old-fashioned HTML, and you would have control over how long it took to move to the next page.
session_start();
echo '<head><meta http-equiv="refresh" content="5;url=http://www.whatever.com/a.php"></head>';
echo "\n\n";
echo 'inputAction.php started';
etc.etc.etc.
But of course, you would still have to test the input to determine what url=, which means you'd either test twice or just put the echo in the ifs anyway. Of course, it doesn't matter where the initial echos are if using ob_start() because it will only be output when the script is finished running.
Also, you really shouldn't store passwords in the Session.
How can I redirect in PHP with this setup below without getting header output errors, I understand that nothing can be printed to the browser before a header is set, I am looking for a solution, not an explanation of why it happens please.
<?PHP
// include header
include ('header.inc.php');
// In my body section file if this is a page that requires a user be logged in then
// I run a function validlogin($url-of-page-we-are-on); inside of that file
//the function is below, it outputs a redirect to login page if not logged in
// include body of page we want
include ('SOME-FILE-HERE.php');
// include footer
include ('footer.inc.php');
// here is the function that is in the body pages, it is only called on a page that we require a logged in user so there are hundreds of pages that do have this and a bunch that don't, it's on a page to page basis
function validlogin($url) {
if ($_SESSION['auto_id'] == '') {
$msg = 'Please login';
$_SESSION['sess_login_msg'] = $msg;
$_SESSION['backurl'] = $url;
$temp = '';
header("Location: /");
exit();
}
}
?>
I would like to user php's header function and not a meta or javascript redirect
Also maintainning a list of pages that require login or not is not an option here if possible
Use ob_start() in the first line even befor the include. so you can set headers anytime.
Can't you just do this:
<?php
validlogin($url); // call the function here
include ('header.inc.php');
include ('SOME-FILE-HERE.php');
include ('footer.inc.php');
?>
Or, put the include files in every one of the "SOME-FILE-HERE"-type files, if that's possible, so you end up with:
<?php
validlogin($url); // call the function here
include ('header.inc.php');
?>
<h1>Page heading</h1>
...page content etc...
<?php
include ('footer.inc.php');
?>
use { echo '<META HTTP-EQUIV="Refresh" Content="0; URL=process.php">';}
As long as you have no script output before the header() function you should be fine. Check there are no echo's or whitespace. Also putting ob_start() at the beginning can help. sometimes there is invisible whitespace - changing the format of your document to ANSI or Unicode may help!
As a note (although I think you already know) header does not terminate the script so the exit() (which you have) is a definite requirement.
Does the footer.inc.php and SOME-FILE-HERE.php write to the response stream immediately? Because if so, this won't work as you will have already written something before you sent the headers.
You need to buffer the ouput so that the HTTP header is not send on the first output. You can either buffer any ouput implicitly by enabling ouput_buffering or explicitly by calling ob_start. But the latter has to be called before the first output, so ideally in the first line of the script that’s initially called.
As already mentioned by the others use ob_start() or the output_buffer-setting to buffer the output. Apart from that it's from my point of view not a good practice to output content in the middle of functional code but this is a another topic.
You can find more information at Google or in this Article about Output Buffering in PHP.