SitePoint Sponsor

User Tag List

Results 1 to 18 of 18
  1. #1
    SitePoint Member BRobinson's Avatar
    Join Date
    Aug 2009
    Location
    LaSalle, ON Canada
    Posts
    15
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    PHP Header Location not working

    I have taken on the task of moving a PHP/MySql website to a new host.
    I am setting up the files in a sub-directory of my website to make sure I get it right.

    There is an administrative function on the first host when logging in takes the user to admin functions i.e. Add or update members, edit content pages (content in MySql database), etc.

    The log in works on the first host but not on my duplication website setup.
    The log in records the user and time when some one is in the admin area.

    If I login for my site, the login just returns to the login screen (no admin functions show).
    However, if I try to login again the system tells me someone is already logged in.
    So the log in is being recorded properly but the admin function page is not showing.

    A Check Login function uses

    if(check_login())
    header("Location: admin.php");

    but never displays the functions using admin.php.

    Works on first system not on my test system.

    Any help is appreciated.
    Yes I am new to serious php work but have learned alot.

    Biran

  2. #2
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    Try the following:
    PHP Code:
    if(check_login()){
    header("Location: admin.php");
    exit(); 
    // you should always do this


  3. #3
    SitePoint Member BRobinson's Avatar
    Join Date
    Aug 2009
    Location
    LaSalle, ON Canada
    Posts
    15
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    May I show you this section below?
    I read about always using exit();
    When I put it in with more brackets {}, I got a blank page with 0 in the upper left corner.
    Probably placement of exit(); with brackets?

    <?php

    $base_url = "../";

    session_start();
    include($base_url.'db_connections/db_connection.php');
    include($base_url.'db_connections/DBConnect_admin.php');
    include($base_url.'includes/ad.php');

    //force_logout();
    // see if the person is already logged in
    if(check_login())
    header("Location: admin.php");

    $title = "Administration Area - Login";
    $error = "";

    if(isset($_POST['submit']))
    {
    $error = login();
    if(empty($error))
    header("Location: admin.php");
    }

    ?>

  4. #4
    SitePoint Guru bronze trophy
    Join Date
    Dec 2003
    Location
    Poland
    Posts
    930
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    Yes, add exit to your code. Besides, Location header requires absolute URL:

    header("Location: http://example.com/admin.php");

    Browsers usually accept relative URLs like yours but technically they are not allowed. I always send full URLs to the Location header. I don't know if that is the cause of your problem but it's a good idea to correct it.

    Also, when redirecting from a page that has been accessed by POST method (such as from a html form with method="post") it is recommended to use "303 See Other" response code:

    header("Location: http://example.com/admin.php", true, 303);

  5. #5
    Non-Member bronze trophy
    Join Date
    Nov 2009
    Location
    Keene, NH
    Posts
    3,760
    Mentioned
    23 Post(s)
    Tagged
    0 Thread(s)
    NOT that using a redirect just to pull up an admin panel is a good idea either; why aren't you just calling it flat without screwing around on the extra handshakes and page loads?!?
    Code:
    if (check_login()) {
      include('admin.php');
      exit();
    }
    Or are you sending markup before that? As I often say, if you have to resort to a redirect from inside your php, there's probably something wrong with how you've built your code.

  6. #6
    SitePoint Guru bronze trophy
    Join Date
    Dec 2003
    Location
    Poland
    Posts
    930
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by deathshadow60 View Post
    As I often say, if you have to resort to a redirect from inside your php, there's probably something wrong with how you've built your code.
    You've gone too far with this statement. There's one very valid reason to use redirects: to change the url of the page after a form has been submitted via POST. For example the login form is at http://example.com/login and after successful login a page with product listing is displayed. If you don't use a redirect then you are still at http://example.com/login on the product listing page. Two problems with that:

    1) you can't bookmark the URL or copy & paste so that it will lead to the page you are currently on
    2) when you hit reload on the target page the browser wants to resubmit the login form and displays alerts causing confusion among users

    After a redirect you are at http://example.com/product-listing, which is the real URL of the page and no problems with reloading.

    In fact, NOT using redirects in such cases causes usability problems. Usually POST requests are not hitting the server frequently compared to GET requests and using redirects in such cases has no visible impact on server load.

  7. #7
    SitePoint Member BRobinson's Avatar
    Join Date
    Aug 2009
    Location
    LaSalle, ON Canada
    Posts
    15
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks for the advice. This project is another person's coding.
    Trying to adopt or change it if necessary. I am treading lightly because of my lack of experience with PHP and MySql.

    Only got notice of 1 reply. Glad to see others.
    Thanks again.

  8. #8
    Utopia, Inc. silver trophy
    ScallioXTX's Avatar
    Join Date
    Aug 2008
    Location
    The Netherlands
    Posts
    9,070
    Mentioned
    153 Post(s)
    Tagged
    2 Thread(s)
    If you use the Live HTTP Headers add on for Firefox, and log in to the site, do you see the "Location: " header in the response at all, or doesn't it appear to do anything?
    Rémon - Hosting Advisor

    SitePoint forums will switch to Discourse soon! Make sure you're ready for it!

    Minimal Bookmarks Tree
    My Google Chrome extension: browsing bookmarks made easy

  9. #9
    SitePoint Member BRobinson's Avatar
    Join Date
    Aug 2009
    Location
    LaSalle, ON Canada
    Posts
    15
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I installed Live HTTP Headers. Wasn't sure how to use it then I say to myself (I do that a lot), try Tools.
    Doesn't show any information but neither does this forum page.
    Unless I am using it wrong.

    Found it under Tools page Info.
    What am I looking for now? It does have information.

    I think part of my problem is the php is not finding the php/MySql pages properly.

  10. #10
    Utopia, Inc. silver trophy
    ScallioXTX's Avatar
    Join Date
    Aug 2008
    Location
    The Netherlands
    Posts
    9,070
    Mentioned
    153 Post(s)
    Tagged
    2 Thread(s)
    It's a bit of tricky one. When you look at the page, press CTRL + SHIFT + L , and a bar will appear at the left side of the screen

    Alternatively, you could go to View (ALT + V) > Sidebar > Live HTTP Headers

    When it works you will get a bar at the left side on the screen that scrolls by text when you load a page at a rate that will make you a little bit dizzy

    An example of such a text will look like

    Code:
    http://www.sitepoint.com/
    
    GET / HTTP/1.1
    Host: www.sitepoint.com
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-gb,en;q=0.7,nl;q=0.3
    Accept-Encoding: gzip, deflate
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
    Connection: keep-alive
    
    HTTP/1.1 200 OK
    Server: nginx/0.8.54
    Date: Fri, 28 Oct 2011 18:42:29 GMT
    Content-Type: text/html; charset=UTF-8
    Connection: keep-alive
    X-Powered-By: W3 Total Cache/0.9.2.3
    Last-Modified: Fri, 28 Oct 2011 18:41:57 GMT
    Vary: Accept-Encoding,Cookie,User-Agent
    Content-Encoding: gzip
    X-Pingback: http://www.sitepoint.com/xmlrpc.php
    Cache-Control: max-age=3600
    Expires: Fri, 28 Oct 2011 19:42:29 GMT
    X-Cache: MISS from blogs.sitepoint.com
    X-Cache-Lookup: MISS from blogs.sitepoint.com:80
    Content-Length: 11136
    X-Varnish: 597800873
    Age: 0
    Via: 1.1 varnish
    The blue part is the URL requested, the green part are the outgoing headers (the headers your browser sends to the server to request the resource) and the red lines are the reply headers. The Location: should be somewhere in the reply headers for your-script.php (replace "your-script" with however your script is called).
    Rémon - Hosting Advisor

    SitePoint forums will switch to Discourse soon! Make sure you're ready for it!

    Minimal Bookmarks Tree
    My Google Chrome extension: browsing bookmarks made easy

  11. #11
    SitePoint Member BRobinson's Avatar
    Join Date
    Aug 2009
    Location
    LaSalle, ON Canada
    Posts
    15
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    this is what I got. I edited my previous response. Should have just posted again.

    http://www.computersoftwaresystems.c...dmin_login.php

    POST /lba/admin/admin_login.php HTTP/1.1
    Host: www.computersoftwaresystems.com
    User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-us,en;q=0.5
    Accept-Encoding: gzip, deflate
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
    Connection: keep-alive
    Referer: http://www.computersoftwaresystems.c...dmin_login.php
    Cookie: __utma=158876328.1746803708.1318789239.1319821422.1319824295.9; __utmz=158876328.1318789239.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmb=158876328.18.10.1319824295; PHPSESSID=5ce99389aa25becaccf139c88b2398cc; __utmc=158876328; GetResponseComWebform14260=WebformCookie
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 42

    HTTP/1.1 200 OK
    Date: Fri, 28 Oct 2011 18:40:46 GMT
    Content-Type: text/html
    Connection: close
    Server: Nginx / Varnish
    X-Powered-By: PHP/5.2.17
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Content-Length: 7828

  12. #12
    SitePoint Member BRobinson's Avatar
    Join Date
    Aug 2009
    Location
    LaSalle, ON Canada
    Posts
    15
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Got no header info.

  13. #13
    SitePoint Guru bronze trophy
    Join Date
    Dec 2003
    Location
    Poland
    Posts
    930
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by BRobinson View Post
    Got no header info.
    Hey, what you posted in your previous post is what http headers are. First, you have the request headers and below (after the blank line) the response headers. So you got header info!

  14. #14
    Utopia, Inc. silver trophy
    ScallioXTX's Avatar
    Join Date
    Aug 2008
    Location
    The Netherlands
    Posts
    9,070
    Mentioned
    153 Post(s)
    Tagged
    2 Thread(s)
    Indeed, those are the headers, as Lemon Juice said

    Weird, your username/password should be in there, right under "Content-Length: 42". Or did you remove that yourself before you posted it here?
    Rémon - Hosting Advisor

    SitePoint forums will switch to Discourse soon! Make sure you're ready for it!

    Minimal Bookmarks Tree
    My Google Chrome extension: browsing bookmarks made easy

  15. #15
    SitePoint Member BRobinson's Avatar
    Join Date
    Aug 2009
    Location
    LaSalle, ON Canada
    Posts
    15
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    No didn't edit it.
    I will use this to look at the 'working' website and compare with 'soon to be' working website.

    Stick with me, please.

  16. #16
    Utopia, Inc. silver trophy
    ScallioXTX's Avatar
    Join Date
    Aug 2008
    Location
    The Netherlands
    Posts
    9,070
    Mentioned
    153 Post(s)
    Tagged
    2 Thread(s)
    Okay. Just so know what you're looking for, there should be something like

    Code:
    username=myusername&password=mypassword
    where "username" is the name of the HTML form field where you enter your username, "password" is the name of the HTML form field where you enter your password, and "myusername" and "mypassword" are your username and password, respectively. There may be more fields in there, but it usually the minimum needed.
    Rémon - Hosting Advisor

    SitePoint forums will switch to Discourse soon! Make sure you're ready for it!

    Minimal Bookmarks Tree
    My Google Chrome extension: browsing bookmarks made easy

  17. #17
    SitePoint Member BRobinson's Avatar
    Join Date
    Aug 2009
    Location
    LaSalle, ON Canada
    Posts
    15
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Found Username and Password.
    Noticed: HTTP/1.1 302 Found after username & password which maybe the root of my problem.
    Login records into database table and let me know if I try to login again but doesn't want to show Admin functions in admin.php.

    ---------------------------------------------

    http://computersoftwaresystems.com/l...dmin_login.php

    POST /lba/admin/admin_login.php HTTP/1.1
    Host: computersoftwaresystems.com
    User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-us,en;q=0.5
    Accept-Encoding: gzip, deflate
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
    Connection: keep-alive
    Referer: http://computersoftwaresystems.com/l...dmin_login.php
    Cookie: __utma=158876328.1746803708.1318789239.1319824295.1319833208.10; __utmz=158876328.1319833208.10.2.utmcsr=ipower.com|utmccn=(referral)|utmcmd=referral|utmcct=/controlpanel/FileManager/; PHPSESSID=4c98a077de35135fba63c6306561320d; __utmb=158876328.1.10.1319833208; __utmc=158876328
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 42
    username=brian&password=23192&submit=Login

    HTTP/1.1 302 Found
    Date: Fri, 28 Oct 2011 20:17:59 GMT
    Content-Type: text/html; charset=iso-8859-1
    Connection: close
    Server: Nginx / Varnish
    X-Powered-By: PHP/5.2.17
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Location: http://computersoftwaresystems.com/lba/admin/admin.php
    Content-Length: 7530
    ----------------------------------------------------------
    http://computersoftwaresystems.com/lba/admin/admin.php

    GET /lba/admin/admin.php HTTP/1.1
    Host: computersoftwaresystems.com
    User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-us,en;q=0.5
    Accept-Encoding: gzip, deflate
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
    Connection: keep-alive
    Referer: http://computersoftwaresystems.com/l...dmin_login.php
    Cookie: __utma=158876328.1746803708.1318789239.1319824295.1319833208.10; __utmz=158876328.1319833208.10.2.utmcsr=ipower.com|utmccn=(referral)|utmcmd=referral|utmcct=/controlpanel/FileManager/; PHPSESSID=4c98a077de35135fba63c6306561320d; __utmb=158876328.1.10.1319833208; __utmc=158876328

    HTTP/1.1 302 Found
    Date: Fri, 28 Oct 2011 20:18:00 GMT
    Content-Type: text/html; charset=iso-8859-1
    Connection: close
    Server: Nginx / Varnish
    X-Powered-By: PHP/5.2.17
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Location: http://computersoftwaresystems.com/l...dmin_login.php
    Content-Length: 245
    ----------------------------------------------------------

  18. #18
    SitePoint Member BRobinson's Avatar
    Join Date
    Aug 2009
    Location
    LaSalle, ON Canada
    Posts
    15
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Conclusion to my problem came down to losing $_Session variable, but thanks to reading common problems I found a suggestion to use session_start(); at the beginning of pages to read the session variables.
    After weeks, of learning PHP & MySql, I am happy to get this application working.
    Strange because, it works at another hosting company developed by another company.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •