login.php
<?php
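// Handle the login form submission. $response is always defined so the
// template below never depends on an unset variable, and absent fields are
// passed as empty strings instead of triggering undefined-index notices.
$response = '';
if($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['submit']))
{
    $response = validate_user(
        isset($_POST['username']) ? $_POST['username'] : '',
        isset($_POST['pass']) ? $_POST['pass'] : ''
    );
}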
?>
<form method="POST" action="login.php">
<fieldset>
<div id="log">
<?php
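// Show the result of the last login attempt, or the default prompt.
// The message is HTML-escaped on output: validate_user() currently returns
// fixed strings only, but escaping here keeps the page safe if a later
// message ever includes request data such as the submitted username.
if(!empty($response)){
    echo "<p id='login-header'>" . htmlspecialchars($response, ENT_QUOTES, 'UTF-8') . "</p>";
} else {
    echo "<p id='login-header'>You must login first!</p>";
}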
?>
<p class="pad-top-bottom">
<label for = "login-username" id="username">Username</label>
<input type= "text" id = "login-username" name="username" class="round username-password">
<p class="hint">Input your company ID</p>
</p>
<p class="pad-top-bottom">
<label for = "login-password" id="password">Password</label>
<input type= "password" id = "login-password" name="pass" class="round username-password">
<p class="hint">Input your password</p>
</p>
<p class="pad-top-bottom">
<input type= "checkbox" id = "login-checkbox">
<label for = "login-checkbox" id="login-checkbox-label" class="text-pad">Keep me login</label>
</p>
<input type = "submit" class = "blue icon-left round" value = "Login" name = "submit">
</div>
</fieldset>
</form>
function validate_user()
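/**
 * Check a username/password pair against muti_tbl_users and, when a row
 * matches, store the user in the session and redirect to controlpanel.php.
 *
 * @param string $username Company ID submitted by the login form.
 * @param string $password Plain-text password submitted by the login form.
 * @return string Message to display on the login form when the login is
 *                refused. On success the function redirects and exits, so
 *                it does not return.
 */
function validate_user($username,$password){
    // Anything that is not a string (a missing field, or an array sent as
    // username[]=...) is treated as blank rather than passed on.
    if(!is_string($username) || !is_string($password)){
        clear_session_cookies();
        return "Username/Password is blank.";
    }

    $username = append_slash($username);
    $password = append_slash($password);

    // The blank check has to happen before hashing: md5('') is a non-empty
    // 32-character string, so testing the hash can never detect an empty
    // password. Logical || replaces the bitwise | of the earlier version.
    if((string) $username === '' || (string) $password === ''){
        clear_session_cookies();
        return "Username/Password is blank.";
    }

    // NOTE(review): unsalted MD5 is cheap to brute-force if the user table
    // leaks. Moving to password_hash()/password_verify() needs a migration
    // because the existing rows hold MD5 values; the comparison is left
    // unchanged here so current accounts keep working.
    $password = md5($password);

    // NOTE(review): $username is interpolated into the SQL text three times
    // and the only protection is append_slash(), which is defined outside
    // this listing (presumably an addslashes-style helper; confirm). The
    // ext/mysql API used here has no bound parameters and was removed in
    // PHP 7; the durable fix is a mysqli or PDO prepared statement with the
    // username and password hash passed as parameters.
    $sql = "SELECT ";
    $sql .= " a.cUserID AS cUserID,";
    $sql .= " CONCAT(b.cFirstName,' ',b.cLastName) AS cFullName,";
    $sql .= " (SELECT cBranchDept FROM muti_tbl_genbranchdept WHERE cBranchDeptID = (SELECT cBranchDeptID FROM muti_tbl_empbranchdept ";
    $sql .= " WHERE cEmpID = '{$username}' AND dDateEffect <= CURDATE() ORDER BY dDateEffect DESC LIMIT 1 )) AS cBranchDept,";
    $sql .= " a.cAccessLevel,c.cBranchDeptID,";
    $sql .= " (SELECT cBusUnit FROM muti_tbl_genbusinessunit WHERE cBuCode = ";
    $sql .= " (SELECT cBuCode FROM muti_tbl_genbranchdept WHERE cBranchDeptID = ";
    $sql .= " (SELECT cBranchDeptID FROM muti_tbl_empbranchdept WHERE cEmpID = '{$username}' AND dDateEffect <=CURDATE() ";
    $sql .= " ORDER BY dDateEffect DESC LIMIT 1))) AS cBusinessUnit";
    $sql .= " FROM muti_tbl_users a,";
    $sql .= " muti_tbl_empinfo b, ";
    $sql .= " muti_tbl_empbranchdept c WHERE a.cUserID = b.cEmpID AND c.cEmpID = b.cEmpID AND a.cUserID = '{$username}'";
    $sql .= " AND a.cPassword = '{$password}' AND a.lEnabled = 0 LIMIT 1";

    $result = mysql_query($sql);
    if($result === false){
        // Log the database error instead of printing it: the raw message can
        // expose table and column names to whoever is looking at the login page.
        error_log('validate_user: ' . mysql_error());
        return 'Login is currently unavailable. Please try again later.';
    }

    // The query is limited to one row, so a single fetch replaces the loop.
    $res = mysql_fetch_array($result);
    if(!$res){
        //clear_session_cookies();
        return 'Invalid username/password';
    }

    session_start();
    $_SESSION['userid'] = $res["cUserID"];
    $_SESSION['cFullName'] = $res["cFullName"];
    $_SESSION['cAccessLevel'] = $res["cAccessLevel"];
    // Issue a fresh session id at login so an id known before authentication
    // cannot be reused afterwards.
    session_regenerate_id(true);
    session_write_close();

    // header() only takes effect if no output has been sent yet; the forum
    // [b]...[/b] markers that wrapped these two lines were not PHP and are removed.
    header("Location: controlpanel.php");
    exit();
}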
Whenever I log in successfully, it shows a blank page and stays on login.php. I searched the internet but still had no luck.
Any help will be much appreciated!
Thanks,
Joery
