Header()

Myriadz

Hi, I know that header has to be put before html tags.

But how is this possible as <?php ?> has to within html!

"This is an immediate redirection with PHP.

This must be called before any output is sent to the user's browser or you will receive "header location" errors."

cahva

No, header must be before ANY output from page. Any commands,functions inside <?php ?> are parsed by the server and if you dont have any print or echo commands used, it wont output anything to the page. <?php is not an html-tag.

<?php
if ($something)
header("Location: http://myfile.html"); 
?>
<html>
<body>
...

Myriadz

<?php
if ($direct) {
header("Location: http://myfile.html"); / Redirect browser /
}

session_start();
session_register("client_id");
?>

<body>

<?php
// Valid form

$username = $REQUEST['login'];
$password = $REQUEST['password'];

if (empty($username) || empty($password)) {

$direct;


} 
else {

include("connect.php");

// Validate login from database (form variables "login" and "password")

$sql_validate = mysql_query("SELECT username, password FROM account_details WHERE username = '$login' AND password = '$password'", $dbconnect);

// Identify client_id from database
$sql_client = mysql_query("SELECT client_id FROM account_details WHERE username = '$login' AND password = '$password'", $dbconnect);

while ($show = mysql_fetch_array ($sql_validate)) {

   $showname = $show[username];
     $showpassword = $show[password];

}

while ($client = mysql_fetch_array ($sql_client)) {

   $client_id = $client[client_id];

}

// Get number of rows in $sql_validate. 0 if invalid, 1 if valid.

$num = mysql_numrows($sql_validate);

if ($num) {
echo "You're authorized!";
echo "Welcome" . " $showname";
echo "client id:" . " $client_id";

exit;

} else {

echo "Not authorized!";

exit;

}

}

?>
</body>
</html>

Myriadz

I inserted the redirection variable $direct into the code
but it doesn't work.

IS this correct?

if (empty($username) || empty($password)) {

$direct;

}

jpmoriarty

what are you doing?

redirection isnt a variable - it's a function. So if you want to redirect somewhere, you have to tell it to redirect:

header("Location: http://myfile.html");

That will redirect your page, but only if it appears before any html.

Now, first off you do if($direct), which will test to see if the variable $direct exists. It doesnt, so nothing will happen.

Similarly later on, you do another if statement,

if (empty($username) || empty($password)) {

$direct;

which will test if username and password are empty, and if they are, then it does $direct - but given as $direct is a variable (which is undefined), it wont do anything.

If you change your opening if statement to read:

if (empty($username) || empty($password)) {
header("Location: http://myfile.html");
}

then that will redirect you if those two variables are empty.

Your location command must be sent or executed before anything is sent to the browser

Myriadz

<?php
session_start();
session_register("client_id");

// Validate form

$username = $REQUEST['login'];
$password = $REQUEST['password'];

if (empty($username) || empty($password)) {

header("Location: [url]http://anything.html[/url]"); 

} 

 else {

<html>

<body>

include("connect.php");

Myriadz

Ok, I amended the code.

Now there is a parse error where the html starts.
Why is this so? The HTML tags has to be after any header functions right?

Geez...im killing myself

jpmoriarty

yeah but you're in php mode - you cant just start typing html and expect it to recognise that. Either put it into an echo or break out of your php mose with ?>

cahva

Quite messy code you have there.. I made this for you. Dunno if it works because I didnt test it.

<?php 
// check if the user typed anything to form, if not redirect user to some other page

if(!$_POST['login'] && !$_POST['password']) {
	header("Location: http://myfile.html"); /* Redirect browser */ 
}

include("connect.php"); 
// next we check if the user exists in our dbase
$query=mysql_query("SELECT username, password,client_id FROM account_details WHERE username = '".$_POST['login']."' AND password = '".$_POST['password']."'", $dbconnect);
$num=mysql_num_rows($query);

if ($num>0) {
	$user=mysql_fetch_array($query);
	session_start(); 
	$_SESSION['client_id']=$user['client_id'];
}
?>
<html> 
<head> 
<title>TEST</title> 
</head> 

<body> 
<?php 
if ($num>0) { 
	echo "You're authorized!<br>"; 
	echo "Welcome " . $user['username']; 
	echo "client id: " . $user['client_id']; 
} else { 
	echo "Not authorized!"; 
}
?> 
</body> 
</html>

Myriadz

geez thanks!
I knew it was messy..but I just wanted to get the code working first before 'tidying' it.

Last qn, I thought session_start() should be placed at the beginning of the code as well?

Something like headers()...