[Resolved] header() vs. client-side redirection - which is better?

ppowell

I have a problem with my scripts. In application.php, I am processing data, inserting into database, doing mail() functions and then I have to redirect to thankyou.php.

However, when I redirect to thankyou.php, even if all of the prior actions are successful, I get a 200 OK header insert into the HTTP headers, forcing header() to fail. Nothing in any of my scripts produces header information, there are no echo statements, no print_r statements, no sprintf, var_dump, nothing. However, headers are nonetheless produced. I even do this at the very end of the actions_script.inc.php included PHP scriptlet:

header("Location: $redirectURL");
exit();

This should stop processing cold. However, headers are STILL being produced in spite of the exit(); as if the exit(); is being completely ignored.

The only solution I found so far is client-side redirection using echo to produce HTML/Javascript information to force a client-side redirection, but this is very slow and cumbersome.

What do you suggest I do at this point?

Thanx
Phil

stephaneey

Just check whether there is no space or blank line before the header command is called in your php script.

A simple space before the call can mess-up the header!

Make sure also that you header function is not triggered by a script that is included by another one, otherwise if you parent script sends any output, it's normal that your header statement fails!

mtmosier

Usually a failed header call is accompanied by an error about headers already being outputted, and giving you line number at which output began. You didn't mention this error but I'll assume you have it.

This is usually caused by some unnoticed whitespace (spaces, newlines, whatever) at the end of one or more of your included files. First thing to do is to check out the end of all your included files to make sure that's not the problem.

If you really can't find the output in your script you can try to work around it by using the output control functions.

Nixon

try putting


ob_start();

at the start of your page, see if that helps, and instead of exit try


die();

Regards,
Jack.

ppowell

Originally posted by mtmosier
Usually a failed header call is accompanied by an error about headers already being outputted, and giving you line number at which output began. You didn't mention this error but I'll assume you have it.

This is usually caused by some unnoticed whitespace (spaces, newlines, whatever) at the end of one or more of your included files. First thing to do is to check out the end of all your included files to make sure that's not the problem.

If you really can't find the output in your script you can try to work around it by using the output control functions.

The warning is produced on Line 91 that simply says:

header("Location: $redirectURL");

In short, it errors on itself.

I checked and there is no embedded whitespace within any of my included files. I was told whitespace before the <? tag produces the error, anyway.

I am not sure how to use output control functions, I'm afraid, that just seems very bizarre.

Here is application.php:

 error_reporting(E_ALL & ~E_NOTICE);
  if ((int)ini_get('register_globals') === 1) ini_set('register_globals', false);	// PROJECT-SCOPE-ONLY SHUTDOWN OF R_G TO ENSURE IVC FUNCTIONALITY
  session_cache_limiter();
  session_start();		// USED FOR ANY STORED SESSION VARIABLES (ONLY HAS TO BE SET HERE)
  ini_set('display_errors', TRUE);
  @umask();			// NEW 11/4/2004: FIX POTENTIAL PERMISSION OCTAL OFFSET PROBLEM USING PHP umask() COMMAND TO ENSURE PROPER PERMISSIONS

  require_once('./include/required_libraries_launcher.inc.php');

  // SPECIFICALLY FOR HANDLING THE VALIDATION AND ACTIONS PERTAINING TO THIS PAGE
  require_once('./include/application_classes.inc.php');
  require_once('./include/application_action.inc.php');
  require_once('./include/validation_script.inc.php');
  require_once('./include/actions_script.inc.php');

  // TEMPLATES FOR VIEWS - USE @include_once SINCE THERE SIMPLY ARE VIEWS AND NOT ACTION-RELATED SCRIPTLETS
  @include_once('./include/header.inc.php'); 
  @include_once('./templates/application_view.php');
  @include_once('./include/footer.inc.php');

That is literally the entire script. The "header()" and "die()" statements are within a condition within actions_script.inc.php:

    if (!$hasValidated) {	// ERROR IN PROCESSING NOT CAUGHT IN VALIDATION MODE - HANDLE HERE
     $errorArray = (!is_array($errorArray)) ? $actionPerformer->getErrorArray() : $errorArray + $actionPerformer->getErrorArray();
    } else {     		// SUCCESSFUL PROCESSING
     $success = $actionPerformer->getSuccessMsg();

 // "GATE-AND-KEY" METHOD TO TIE IN THE apply ACTION TO THE thankyou.php PAGE
 $randString = randString(16);
 $_SESSION["${projectAcronym}_key"] = $randString;
 //---END OF "GATE-AND-KEY" METHOD BLOCK------------------------------------------------------
  $redirectURL = 'http://' . $_SERVER['HTTP_HOST'] . "$projectURLPath/thankyou.php?section=application&randString=$randString&id=" . 
	    		  $actionPerformer->id . '&mode=web&success=' . urlencode($success);
  //echo "<script type=\"text/javascript\">\n<!--\n location.href='$redirectURL';\n//-->\n</script>\n<noscript>\n " .
//	" <meta http-equiv=\"Refresh\" content=\"0;url=$redirectURL\">\n</noscript>\n\n";
  header("Location: $redirectURL");
  die();
}

Maybe if you guys can look at the code with a second pair of eyes someone will see something I don't see. Basically, there is no whitespace issue, no print_r/echo issue, nothing.

Phil

Nixon


ob_start();

if (!$hasValidated) {    // ERROR IN PROCESSING NOT CAUGHT IN VALIDATION MODE - HANDLE HERE
     $errorArray = (!is_array($errorArray)) ? $actionPerformer->getErrorArray() : $errorArray + $actionPerformer->getErrorArray();
    } else {             // SUCCESSFUL PROCESSING
     $success = $actionPerformer->getSuccessMsg();

 // "GATE-AND-KEY" METHOD TO TIE IN THE apply ACTION TO THE thankyou.php PAGE
 $randString = randString(16);
 $_SESSION["${projectAcronym}_key"] = $randString;
 //---END OF "GATE-AND-KEY" METHOD BLOCK------------------------------------------------------
  $redirectURL = 'http://' . $_SERVER['HTTP_HOST'] . "$projectURLPath/thankyou.php?section=application&randString=$randString&id=" . 
                  $actionPerformer->id . '&mode=web&success=' . urlencode($success);
  //echo "<script type=\"text/javascript\">\n<!--\n location.href='$redirectURL';\n//-->\n</script>\n<noscript>\n " .
//    " <meta http-equiv=\"Refresh\" content=\"0;url=$redirectURL\">\n</noscript>\n\n";
  header("Location: $redirectURL");
  die();
}

Try that.

ppowell

No avail. Same warning produced even with the inclusion of ob_start().

Phil

mtmosier

While I know the error is triggered by the header line, it's what the error actually says that's important. Perhaps you'd be so kind as to tell us what it says.

I linked you to the manual page for the output control functions so you could read it and learn how to use them. I assume you don't already know or you likely would've already used them. The reality is it's as simple as putting ob_start(); at the top of your main file (the one which actually gets called by the browser).

Posting the code for your files isn't going to help us find the whitespace (if that's the cause) because it isn't going to come through on the forum. If you zipped up all your files and attached them it might help, but that really shouldn't be necessary.

Whitespace before the <?php can be a problem as well as after the ?>. Newlines at the end of included files are notorious for this.

ppowell

Originally posted by mtmosier
While I know the error is triggered by the header line, it's what the error actually says that's important. Perhaps you'd be so kind as to tell us what it says.

I linked you to the manual page for the output control functions so you could read it and learn how to use them. I assume you don't already know or you likely would've already used them. The reality is it's as simple as putting ob_start(); at the top of your main file (the one which actually gets called by the browser).

Posting the code for your files isn't going to help us find the whitespace (if that's the cause) because it isn't going to come through on the forum. If you zipped up all your files and attached them it might help, but that really shouldn't be necessary.

Whitespace before the <?php can be a problem as well as after the ?>. Newlines at the end of included files are notorious for this.

While I can give you a censored version of the error message, I'm sorry but I can't give you the entire error message because information within it is US Federal Government regulated stuff and thus ILLEGAL for me to post it:

Warning: Cannot modify header information - headers already sent in /www/html/include/actions_script.inc.php on line 91

Technically, that's it. I added ob_start() to the very top of application.php, also to no avail. Nothing but the warning was produced before death.

Phil

mtmosier

Certainly not asking you to break the law. Sure you can post the code you already posted? 🙂 I didn't ask for that, so you can't blame me!

Anyway, either that error is unusually slim on details, or you censored out the good bit. Here's what a error looks like for me:

Warning: Cannot modify header information - headers already sent by (output started at /path/to/file.php:3) in /path/to/file.php on line 5

The "output started at" is the important bit.

ppowell

There was no "output started at" part in the original warning. I only censored the path to the original file, that's all.

I can produce code snippets, just can't reveal proprietary or data information, tis all.

Phil

mtmosier

What version of php are you using?

Since the error message isn't telling you where the output is occurring you can use the headers_sent function to track it down. As a sanity test I'd start out by putting this at the top of your application.php file:

$hsent = (headers_sent() ? 'yes' : 'no');
echo 'Headers sent?  '.$hsent;

Then assuming it comes back "no" you can move those lines to appear after each require/include. When you get a yes then it was the file/code before it that is causing the problems.

Or better yet, if you're using php 4.3.0 or later you can follow the example in the manual (where your header line is now) and get the exact line and file much eaiser.

ppowell

That code snippet saved my life!!!!!!!!!!!

I found the problem, though I don't understand WHY it is a problem:

It turns out that the $this->save() method that saves info into database will lock the table using $this->lock(). Inside $this->lock() I had the following command:

flush();
if ((int)$phpVersionInt > 430) @ob_flush();

I took out "flush()" and all is well. No more headers! I don't understand what in the world flush() does to cause that to happen.

Phil

mtmosier

ob_flush causes output to be sent to the browser immediately, thus canceling out the ob_start you added previously. The manual isn't clear on whether it sends the headers if there is no output waiting to be sent yet, but I don't suppose it matters now.

Well, glad it's working.

ppowell

It's fine with ob_flush(), it only chokes on flush() (even if I suppress with @() it chokes)

Phil

mtmosier

Duh, sorry. I missed the flush and thought you shortened ob_flush to just flush in your text. 🙂

I'm really not sure what affect flush is having on the script. It doesn't seem to affect headers if there hasn't already been output on my systems (4.2.2 and 4.3.10).