I made a simple login-system in php and mysql, but I keep getting errors saying that headers already been sent, and using ob_start fixes this problem, but im not sure if I should then use ob_clean at the footer afterward?
Also, the error comes when I have logged in to the account page, saying header already been sent in previuos page - > header("Location: account.php"); But I have to redirect the user when they login.
My login page looks like this
require_once('models/init.php'); // db connection and other functions
include('header.php'); // some html code for the header, with one line php-function to check if user is logged in, if so show "home" tab instead of "login"
{
php code to check if username/pass matches etc, and if so redirect to account page
header("Location: account.php");
}
echo "<form>" // display the login form
include("footer"); // including footer, some html/js code.
This code above works if I use ob_start in the header.php file. But should I use ob_clean afterwards in the footer.php file?
Sorry if anything is unclear, english is not my first languish
Thanks!
The general principle is you cannot use echo before header(). So, this will never work:
echo "this is my header";
header("Location: account.php");
echo "this is my footer";
However, if you sent the headers first, everything works fine:
header("Location: account.php");
echo "this is my header";
echo "this is my footer";
In your case, you should do the check before you include the header:
require_once('models/init.php'); // db connection and other functions
if ($user_is_logged_in) { // Do your check here
header("Location: account.php");
}
include('header.php'); // some html code for the header, with one line php-function to check if user is logged in, if so show "home" tab instead of "login"
echo "<form>" // display the login form
include("footer"); // including footer, some html/js code.
ob_start() captures the output (what would otherwise be printed or echoed). If you don't need to echo the output or to do anything with it then just use ob_end_flush() when you are finished.
Related
I would like a person who is not logged in be redirected to the index page.
on my onlymembers.php I put this code:
if(!$user->is_logged_in()){
echo "you are not logged in";
header("Location: index.php");
}
It is printing out "you are not logged in" which indicates that the login check is working. But I will not be redirected to the index page. Do you know why?
Update:
I used this code now and it is working:
if(!$user->is_logged_in()){
header("Location: index.php");
}
I have actually NO idea why. I just removed some whitespaces :-/
Update again: I know now the problem: I just removed the whitespace infront my <?php at the beginning of my page....
You can't send the content of a page before using an HTTP redirection (you should have a PHP error like "headers already sent" with your code). You either have to redirect using javascript or remove the "echo" :
if(!$user->is_logged_in()){
header("Location: index.php");
}
You cannot send an HTTP header after you've sent a visual output to the user. You could instead use an header with a refresh condition that will allow you to send an output to the user.
if(!$user->is_logged_in()){
header("Refresh: 5; url=./index.php");
//after 5 seconds the user gets redirected. To change the period of time just change the number after "Refresh"
echo "you are not logged in";
exit();
}
P.S. Is always suggested that you use an exit() function (like I did) when you want force redirect an user for security prouposes.
You could also put a variable on the redirect link and then parse it on index.php to display a message, like this...
Redirect
if(!$user->is_logged_in()){
$msg = "you are not logged in";
header("Location: index.php?reply=$msg");
exit();
}
Additional index.php code
if(!empty($_GET['reply'])) {
$reply = $_GET['reply'];
}
Then you have the $reply variable that contain the message you can display in your index.
there with location redirect not working then you may use javascript for this.
<script>
window.location = "http://www.redirecturl.com/"
</script>
Move the if statement above the header file include.
ob_start() at the top of the script to buffer the output.
if(!$user->is_logged_in()){
echo "you are not logged in";
ob_start();
header("Location: index.php");
}
OR
<script>
var url = "http://yoururl.com";
window.location.href = url;
</script>
Header function should be used before html tag.
Example:
<html>
<?php
/* This will give an error. Note the output
* above, which is before the header() call */
header('Location: http://www.example.com/');
exit;
?>
My code looks like this so far:
<?php
session_start();
//if session is not registered
if(!isset($_SESSION['Email'])) {
header("Location:createEvent.php");
}else{//if session is registered
header("includes/inc_header_User.php");
}
?>
I want to keep the header for each page as: inc_header_User.php as long as the user is logged in.
You need to use include(), not header() to import the contents of the file.
include("includes/inc_header_User.php");
header() is used to send HEADER information to the browser. I believe your second header() statement should really be include(), which includes other PHP files into the current script.
That would be included twice once for the header and another time for the footer in order to change either or both of them.
<?php
session_start();
//if session is not registered
if(!isset($_SESSION['logged_in'])) {
include("footer.php");
}else{//if session is registered
Include("footer_inside.php");
}
?>
I have a login page that I register two sessions username and password. then redirect to another page. Once at this page
$_SESSION['username'] = "";
$_SESSION['password'] = "";
after login check I have the next page check if the session is registered
session_start();
if(isset($_SESSION["username"]){
continue
}else go back to login page
Once I'm logged in I want to go to another page that depending on if the session variable is set I display something different on the page.
So on the galery page I do
at the very top of page I do
<?php
session_start();
?>
then further down where I want the button to be I do
<?php
if (isset($_SESSION['username'])){
show a new button
}
?>
I get the button to show but at the top of the page I have
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent
and it messes up how my page is displayed. Any ideas? I have the session_start(); at the very begging of page I don't know why this is happening. Any ideas?
You'll get that error if anything outputs to the browser before you call session_start(). For example, you can't do:
<?php
echo "Test";
session_start();
You also can't do:
<?php session_start();
(note the space before the <?php)
Make sure nothing - no HTML, no blank lines, no spaces - is written out prior to your session_start() calls and you'll be fine.
You need to ensure there's nothing (whitespace, UTF-8 BOM) before your <?php. This also applies to any files you include before the session_start() call.
Is the gallery page being included in another file?
<?php
// lots of php code
include('/path/to/gallery.php');
?>
If anything is being sent to the browser before the session_start(); it will create this error.
Session is a header, headers can't be sent after any output (even a single space). You got 2 options, place session_start() before ANY output or you could also use output buffering, this allows you to send headers after output.
Place this at the top of your script
ob_start();
And this at the end
echo ob_get_clean();
When using this code to try an show an error, the page redirects to myaccount, but should only redirect there if the required field has been completed, for example;
error message appears if birth_country is not chosen
if(empty($birth_country))
{
$err[] = "ERROR - Enter Birth Country";
header("Location: personal.php?msg=$err[0]");
}
but if it is chosen, should redirect to...
header("location: myaccount.php?id=" . $_SESSION['user_id']. "");
exit();
However it always goes to myaccount no matter what
Thanks
After your first header put exit as well. Your code just continues on and it likely emits the second location header as well, negating the first.
Like Frits says, you will have to print out the error to the screen if you want it to be seen; however, you can not print out any HTML before a header or the header won't work. If you want to print the error on the redirecting page then I would suggest putting the error message in a $_SESSION cookie, then call and echo that cookie/variable on the redirecting page. But by doing this, you will need to use php session_start() at the top of the question page and the top of your redirect page in order to use the $_SESSION variables
Also, your second header
header("location: myaccount.php?id=" . $_SESSION['user_id']. "");
exit();
Should look like this:
header("Location: myaccount.php?id=$_SESSION['user_id']")
By using the double quotes, you don't need to add the $_SESSION[] tag, then add blank "" at the end.
I know in the Manuel it says that the header has to be the first thing in a script, but how come I see some codes where header("Location: member.php?id=$username") is in a if-statement?
Ex:
//a bunch of codes above
if($result!="0"){
// authenication correct lets login
$_SESSION["password"] = $password;;
$_SESSION["username"] = $username;
header("Location: member.php?id=$username");
}
else
{
echo "Wrong username or password. Please try again!";
}
But when I do this, it sometimes would/won't throw an error.
How do I allow the header (); to be used in a script without any errors?
I want to redirect the user back to the login if they click "no" and to the homepage if they click "yes".
It doesn't have to be the first thing in the script. But it haves to be the first thing that you output to the user. You MUST NOT echo stuff before using the header function. If you don't, you can use it at any place you want.
You could also "ignore output" using ob_start and ob_end_clean.
Best regards,
T.
You have to use output buffering so that nothing is sent back to the browser until the entire operation is complete. Check out the ob_start function, that should give you a good starting place.
ob_start
Without output buffering, the script sends header info back to the browser, and once that has happened you cannot use header() to redirect.
header('Location: member.php?id='.$username);
You might want to change and use this code instead if you are just going to send or $_GET['username'] an value from your previous session.