PHP login page header() not working

I was trying to make a login form which redirects to my index page. But I think the header() function used in the second php script of the admin_login.php is not exactly working and thus if the username and password are correct also then the browser is not redirection to the index.php page. I find that the first hearder() is working properly because when ever after login I reload the browser the page is redirected to the index.php Please help me out how to rearrange the codes to get the desired results. Thanks in advance.

admin_login.php

<?php session_start(); if(isset($_SESSION["manager"])){ header("location: index.php"); exit(); } ?> <?php if(isset($_POST["username"]) && isset($_POST["password"])){ $manager = preg_replace('#[^A-Za-z0-9]#i','',$_POST["username"]); $password = preg_replace('#[^A-Za-z0-9]#i','',$_POST["password"]); include("../storescript/connect_to_mysql.php"); $sql = mysql_query("SELECT id FROM admin WHERE username = '$manager' AND password = '$password' LIMIT 1 "); $existCount = mysql_num_rows($sql); if($existCount == 1) { while($row = mysql_fetch_array($sql)){ $id = $row["id"]; } $_SESSION["id"] = $id; $_SESSION["manager"] = $manager; $_SESSION["password"] = $password; header("location : index.php"); exit(); } else { echo ("The given information is incorrect. Please <a href='index.php'>click here</a> to try again. "); exit(); } } ?> <!doctype html> <html> <head> <meta charset="utf-8"> <title>GROCERY WORLD STORE ADMIN</title> <link href="../../css/structure/template.css" rel="stylesheet" type="text/css"> <link href="adminpage.css" type="text/css"> <link href="adminpage.css" rel="stylesheet" type="text/css"> </head> <body> <!--CONTAINER--> <div> <?php include_once("../../template_header.html"); ?> <!--CONTENT AREA--> <div> <div align="left"> <form action="admin_login.php" method="post" name="adminLogin"> <table width="300" border="0"> <tr> <td>username</td> <td><input type="text" name="username"></td> </tr> <tr> <td>password</td> <td><input type="password" name="password"></td> </tr> <tr> <td><input type="submit" value="Login"></td> <td><input type="reset" value="Clear"></td> </tr> </table> </form> </div> </div> <!--FOOTER AREA--> <?php include_once("../../template_footer.html"); ?> </div> </body> </html> 

connect_to_mysql.php

<?php $mysql_host = "myhostname"; $mysql_db = "mystore"; $mysql_user = "mybuilder"; $mysql_pwd = "123"; $conn = mysql_connect("$mysql_host","$mysql_user","$mysql_pwd") or die(mysql_error());//SETING UP CONNECTION WITH SQL DATABASE mysql_select_db("$mysql_db", $conn) or die("No Database");//SELECTING DATABASE ?> 

index.php

<?php session_start(); if(!isset($_SESSION["manager"])){ header("location: admin_login.php"); exit(); } $managerID = preg_replace('#[^0-9]#i','',$_SESSION["id"]); $manager = preg_replace('#[^A-Za-z0-9]#i','',$_SESSION["manager"]); $password = preg_replace('#[^A-Za-z0-9]#i','',$_SESSION["password"]); include("../storescript/connect_to_mysql.php"); $sql = mysql_query("SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1"); $existCount = mysql_num_rows($sql); if($existCount == 0) { echo "Your record is not present in our database."; exit(); } ?> <!doctype html> <html> <head> <meta charset="utf-8"> <title>GROCERY WORLD STORE ADMIN</title> <link href="../../css/structure/template.css" rel="stylesheet" type="text/css"> <link href="adminpage.css" type="text/css"> <link href="adminpage.css" rel="stylesheet" type="text/css"> </head> <body> <!--CONTAINER--> <div> <?php include_once("../../template_header.html"); ?> <!--CONTENT AREA--> <div> <div align="left"> <h3>Hello ADMIN MANAGER. What would you like to do today?</h2> <p> <a href="#">Update products</a><br> <a href="#">Logout</a> </p> </div> </div> <!--FOOTER AREA--> <?php include_once("../../template_footer.html"); ?> </div> </body> </html> 
2

4 Answers

From the manual:

Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP. It is a very common error to read code with include, or require, functions, or another file access function, and have spaces or empty lines that are output before header() is called. The same problem exists when using a single PHP/HTML file.

It seems to me that line 9 of admin_login.php is a blank line. Also, connect_to_mysql.php could output something when it is included.

6

Add this to the top of the page. It solved the problem for me:

ob_start(); 

Good luck!

1

A reason why this occurs, is that before you send the header, it has already send something as body. This might be an extra white-space, or it could be another character. I had a similar problem a while back. The php file I used was corrupted a bit, it seemed there was a hidden character (hidden as in not visible in a text-editor) before <?php opening.

Solution: Try to find it. If you can't find any characters before <?php, you might want to take a look at a HEX editor like this one.

3
if(isset($_SESSION["manager"])){ include("index.php"); exit(); } $_SESSION["id"] = $id; $_SESSION["manager"] = $manager; $_SESSION["password"] = $password; include("index.php"); exit(); 

This is probably outputting some spaces or new line. The include will work where the header will not.

?> <?php 
0

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge that you have read and understand our privacy policy and code of conduct.

You Might Also Like