PHP - Redirecting
I do know that nothing should be printed out before a header() redirect, yet this error message:
Code: [Select] Warning: Cannot modify header information - headers already sent by Is pointing to a meta tag, why does a meta tag become considered as a print out? The meta tags are as usually located in between the header tags of the whole website. What would you rather recommend in this case to accomplish a redirecting after a successful log in? Similar TutorialsHey guys, If my php looks like this: (notify if errors) <?php $user=$_POST['user']; $pass=$_POST['pass']; if(($user=="testing") && ($pass=="testing123")) echo "Access Granted"; if other echo "Access Denied!" ?> If after the "Access Granted" It could redirect the user to another webpage, index2.html for instance. Thanks in advance Hello everyone, i have a "bug" i'd like you to see and help me solve if possible. Let me tell you about when the redirection starts. In my script, it checks if the two words you've entered in two boxes, if they match with the two words on the mysql database then send them to /php/userpanel.php if they doesnt send them to /php/loginerror1.php My problem is, that when you've been redirected to ex. /php/loginerror1.php then when you click to a new page in the menu, it sends you to /php/loginerror1.php/index.php /php/loginerror1.php also dont have any design, i think it doesnt load the .css properly. Anyone had this, or anyone knows how to fix it? Thanks Niixie Hi again, I have created a comment script, which is working pretty good. Now the problem I am facing is for instance this is one page www.mysite.com/blah1 and this is another www.mysite.com/blah2. They both have options to comment, now what is happening some one posts on blah2, it redirects to blah 1 and some one posts on blah 1 redirects to itself what I want to achieve is when a person posts a comment on any given page PHP redirects the person to the page where they posted from (itself) not the other one. Thanks any help or guidance would be appreciated. I hope was clear enough! Is it okay to redirect a user to another page - which displays an outcome message - after a form is submitted? Debbie As the title says, my headers not redirecting. Login.php: <?php include("global.php"); if (isset($_POST['login'])) { // Form data $email = $_POST['email']; $password = $_POST['password']; // If email and password are both filled in if ($email && $password) { mysql_select_db("social_site") or die("Can\'t find database!"); $query = mysql_query("SELECT * FROM users where email = '$email'"); $numrows = mysql_num_rows($query); // If email in database if ($numrows != 0) { // Login while ($row = mysql_fetch_assoc($query)) { $dbemail = $row['email']; $dbpassword = $row['password']; } if ($email == $email && $password == $dbpassword) { // User is logged in header(' location: index.php '); } else { echo "Incorrect password."; } } else { echo "That email does not exist."; } } else { echo "Please fill in <strong>all</strong> fields."; } } ?> <p> <html> <form action = 'login.php' method = 'POST'> Email: <input type = 'text' name = 'email'> <p> Password: <input type = 'text' name = 'password'> <p> <input type = 'submit' name = 'login' value = 'Login'> </form> </html> Global.php: <?php // This is the global file for the entire website // Start a session session_start(); // Start MySQL connection mysql_connect('localhost', 'root', 'root'); ?> Any ideas? For some reason the below is always redirecting to ./index.php?usercp=ideas&message=error I'm assuming it's something to do with mysql_affected_rows. <?php session_start(); require_once 'db_select.php'; require_once 'func.php'; $donor_id=$_POST['donor_id']; $donor_id=sanitize($donor_id); $username=$_POST['username']; $username=sanitize($username); $name=$_POST['name']; $name=sanitize($name); $amount=$_POST['amount']; $amount=sanitize($amount); $idea_message=$_POST['idea_message']; $idea_message=sanitize($idea_message); $_SESSION['idea_message']=$idea_message; $subject=$_POST['subject']; $subject=sanitize($subject); $_SESSION['subject']=$subject; $confirm_agreement=$_POST['confirm_agreement']; $confirm_agreement=sanitize($confirm_agreement); if($subject==""){ $error0=1; } else{ $error0=0; } if($idea_message==""){ $error1=1; } else{ $error1=0; } if(($confirm_agreement!="no" && $confirm_agreement!="yes") || $confirm_agreement=="no"){ $error2=1; } else{ $error2=0; } $error="".$error0."".$error1."".$error2.""; if($error!="000"){ header("Location: ./index.php?usercp=ideas&error=".$error.""); } else{ $sql="INSERT INTO $tbl_name5 (message_number, donor_id, username, name, amoutn, message) VALUES ('$message_number', '$donor_id', '$username', '$name', '$amount', '$message')"; mysql_query($sql); if(mysql_affected_rows()==1){ header("Location: ./index.php?usercp=ideas&message=submitted"); unset($_SESSION['idea_message']); unset($_SESSION['subject']); } else{ header("Location: ./index.php?usercp=ideas&message=error"); } } ?> Can Someone please look at the following zip file and edit index and code-gen so when someone refer required amount of visitors, php echo will redirect them to complete.php
I have got css and js but not uploading as they are too big
Thanks (please help me)
script.zip 29.95KB
3 downloads
Hi guys Another basic question. I have this dynamic link when I click it, it redirect to this link below, Code: [Select] http://samplesite.com/adventure/\'google.com\' How do I remove the main site --> samplesite.com redirect only to google.com? I also tried to remove the two slashes using stripslashes() but it won't. By the way here is the stripslashes() codes, Code: [Select] while ($db_field = mysql_fetch_assoc($result)) { $title = $db_field['title']; print "Title: " . stripslashes($title) . "<br>"; print "Description: " . $db_field['description'] . "<br>"; print "Version: " . $db_field['version'] . "<br>"; print "Started: " . $db_field['started'] . "<br>"; print "Finished: " . $db_field['finished'] . "<br><br>"; } Thanks in advanced. Hello I have moved my web site from local machine to a hosted server (Ionos) I seem to be having issues with any code that has redirects or checks if the user is logged in, I just get a blank page, any idea's ? works fine on my local Xamp version two examples below (if I remove the code the page runs)
// We need to use sessions, so you should always start sessions using the below code. session_start(); // If the user is not logged in redirect to the login page... if (!isset($_SESSION['loggedin'])) { header('Location: login.php'); exit(); } ?>
<?php // database connect include('../db_connect.php'); // We need to use sessions, so you should always start sessions using the below code. session_start(); // If the user is not logged in redirect to the login page... if (!isset($_SESSION['loggedin'])) { header('Location: login.php'); exit(); } // if submit button selected run code if(isset($_POST['submit'])){ $_SESSION['district'] = $_POST['district']; header('Location: add_d_choice.php'); } ?> <!DOCTYPE html> <html> <head> </head>
why won't this header redirect? it doesn't seem to like the mysql_close. can i update the database before redirecting to another page? is it possible? Code: [Select] <?php session_start(); $name = "uname"; $lastLogin = date('l jS \of F Y h:i:s A'); require_once('../Connections/uploader.php'); mysql_select_db($database_uploader, $uploader); $query = "SELECT * FROM members WHERE uname='" . $name . "'"; $result = mysql_query($query) or die(mysql_error()); // connect to database here MYSQL_CONNECT($server, $user, $password) or die ("Server unreachable"); MYSQL_SELECT_DB($database) or die ("Database non existent"); if (mysql_num_rows($result) > 0) { $row = mysql_fetch_array($result) or die(mysql_error()); mysql_query("UPDATE members SET lastLogin='$lastLogin' WHERE uname='$name'") // ERROR MESSAGE?? or die(mysql_error()); mysql_close($con); header('Location: redirect.php'); } ?> thanks in advance. i am trying to redirect a user to a certain page, if the credentials are not right. if there is no session user, they are kicked out. if it is set, but to the guest account, they go to the login page with a special error message. here is my code for it: Code: [Select] if (!isset($_SESSION['user'])) { header('Location: portal.php?logintocontinue'); exit; } elseif($_SESSION['user'] == "guest") { header('Location: portal.php?invalidLogin'); exit; } else { } after attempting to run the page, with session user = guest, i get this error message: The page isn't redirecting properly. does it have to do with headers already being sent? Hello, I'm having some problems with a redirect situation. I start on a page called Create Assignment. From this page I pass (using GET) the variable assignment_id to a page called Add_questions (the user can add questions to this specific assignment). When a user wants to add a question, they hit a link which brings them to my Database Update script. All works great so far! After the update, however, I want to redirect them BACK to the Add_questions page while keeping the same Assignment number. I've tried using: header('Location: list_assignment_question.php?assignment_id'); but I get this error: Warning: Cannot modify header information - headers already sent by (output started at /Applications/MAMP/htdocs/algebra_book/main_scripts/db_insert_assignment_question.php:6) in /Applications/MAMP/htdocs/algebra_book/main_scripts/db_insert_assignment_question.php on line 12 Any thoughts? I'd be more than happy to provide more code as needed. Is there anyway to do this: my form is posting to self, then checking login creds. if they are incorrect it spits out "invaild bla bla" but if they are correct send them to a different page? here is the short version of what I have. if(isset($_POST['submit'])) { //check inputs vs db if ($check) { header("Location: http://". $_SERVER['SERVER_NAME']."/include/process_renew.php"); } else { echo "<font color='red'>Username or Password did not match.</font> <br /><br />"; } } } I tested it using echo first and it worked fine then replaced the echo with header and now when I submit it just refreshes the page. is this not possible? Hi Guys,
I have a Url which allows me to send sms to a number. The url usually asks for id , number and few other things. When I paste the url in browser and press enter it opens and a sms is sent.
Now I want to code in php a way to send sms without redirecting to that page. For e.g. I ask user his mobile number and then I should be able to call/run that url and a sms should be sent to his number. If I use php header then it redirects to that page. I have tried using file_get_contents and php cURL but it has not worked so far.
Can you guys help me out ?
Thank you,
Cheers,
GR
Per usual, I'm having an issue wrapping my head an issue, or I'm just not able to narrow the search well enough.
I have a form... method = post action = /process.php Upon hitting process.php, it will UPDATE a data table with the $_POST data it gets from the form. After that, I want to send it to PayPal.
It seems like at some point I was able to complete two 'actions' at once, but it's so long since I've created my own forms. Then again, maybe it was a redirect after executing the UPDATE. I just don't remember, and anything I search for doesn't seem to produce results of something that worked. Hi, I have a form in file A.php. <?php <form name="A.php" action="B.php" method="post"> ...... <input type="text" name="name" id="name" /> .... <input type="text" name="email" id="email" /> .... ?> When the form is submitted php validation takes place on form B.php <?php if ( isset($_POST['submitted']) { if ($_POST[name]) { $name = $_POST[name]; } else { //what code goes here? } ...... ?> What I would like to happen in the else statement is that if name field is left blank user is automatically redirected to A.php, the name field is highlighted and a small error message that the name field was left empty appears. How can that be achieved? I would be very grateful for all help. My website has been working just fine, and I negated a condition to trigger an error message, and now I keep getting this... Quote The page isn't redirecting properly Here is the file I am working with... <?php //Build Date: 2012-03-10 // ************************ // Update Last Activity. * // ************************ if ((isset($_SESSION['loggedIn'])) && ($_SESSION['loggedIn'] == TRUE)){ // Initialize variables. $loggedIn = 1; $memberID = (isset($_SESSION['memberID']) ? $_SESSION['memberID'] : ''); // ************************ // Update Member Record. * // ************************ // Connect to the database. require_once(WEB_ROOT . 'private/mysqli_connect.php'); // Build query. $q = "UPDATE member SET logged_in=?, last_activity=now() WHERE id=? LIMIT 1"; // Prepare statement. $stmt = mysqli_prepare($dbc, $q); // Bind variables to query. mysqli_stmt_bind_param($stmt, 'ii', $loggedIn, $memberID); // Execute query. $success = mysqli_stmt_execute($stmt); // Verify Update. if ($success === FALSE){ // Update Failed. $_SESSION['resultsCode'] = 'MEMBER_UPDATE_FAILED_2126'; // Redirect to Display Outcome. header("Location: " . BASE_URL . "/members/results.php"); // End script. exit(); } /* $affectedRows = mysqli_stmt_affected_rows($stmt); echo $affectedRows; exit(); // Verify Update. if ($affectedRows!==1){ //echo mysqli_stmt_affected_rows($stmt); //exit(); // Update Failed. $_SESSION['resultsCode'] = 'MEMBER_UPDATE_FAILED_2126'; // Redirect to Display Outcome. header("Location: " . BASE_URL . "/members/results.php"); // End script. exit(); }//End of UPDATE MEMBER RECORD */ // Close prepared statement. mysqli_stmt_close($stmt); // Close the connection. // mysqli_close($dbc); }//End of UPDATE LAST ACTIVITY ?> This file is included by all other pages so that as a User navigates my site I am constantly updating the "last_activity" field in the database. If I change the condition from... Code: [Select] if ($success === FALSE){ ...to... Code: [Select] if ($success !== FALSE){ ...then I get this error?! (Where I am at, the Internet is on and offline. Could that be a factor??) I am REALLY CONFUSED what is happening here... Debbie Hi, Struggling to find the problem just getting page is not redirecting properly from browser Code: [Select] <?php function seoclean_ad( $uc_string ) { $seo_clean_string = strtolower( "{$uc_string}" ); $seo_clean_string = str_replace( " ", "_".SS_SEOSPREP."", "{$seo_clean_string}" ); $seo_clean_string = str_replace( "&", "and", "{$seo_clean_string}" ); $seo_clean_string = preg_replace( "[^A-Za-z0-9_-]", "", $seo_clean_string ); $seo_clean_string = "{$seo_clean_string}".SEO_SUFFIX.""; return $seo_clean_string; } function prepare_template_output( $data ) { if ( is_array( $data ) ) { $ret = array( ); foreach ( $data as $key => $value ) { $ret[$key] = prepare_template_output( $value ); } return $ret; } if ( !is_numeric( $data ) ) { $data = stripslashes( $data ); $data = trim( $data ); $data = htmlentities( $data ); } return $data; } function ukDate( $inDate ) { global $outDate; list( $uYear, $uMonth, $uDay ) = explode( "-", "{$inDate}" ); $outDate = "{$uDay}-{$uMonth}-{$uYear}"; return $outDate; } function write_cache( $f_cache_data, $f_cache_file ) { if ( !( $fp = fopen( $f_cache_file, "w" ) ) ) { trigger_error( "Error opening cache file" ); exit( ); } if ( !flock( $fp, LOCK_EX ) ) { trigger_error( "Unable to lock file" ); exit( ); } if ( !fwrite( $fp, serialize( $f_cache_data ) ) ) { trigger_error( "Error writing to cache file" ); exit( ); } flock( $fp, LOCK_UN ); fclose( $fp ); } function read_cache( $f_cache_file ) { if ( !file_exists( $f_cache_file ) ) { trigger_error( "Invalid cache file" ); exit( ); } return unserialize( file_get_contents( $f_cache_file ) ); } function list_options( $arrayname, $mode ) { global $row; global $row_2; $sarray = ""; foreach ( $arrayname as $v ) { if ( !isset( $row['salutation'] ) && $row['salutation'] == $v || isset( $row_2['salutation'] ) && $row_2['salutation'] == $v ) { if ( !isset( $mode ) ) { echo "<option value=\"".$v."\" selected>{$v}</option>\n"; } else { $sarray .= "<option value=\"".$v."\" selected>{$v}</option>\n"; } } else if ( !isset( $mode ) ) { echo "<option value=\"".$v."\">{$v}</option>\n"; } else { $sarray .= "<option value=\"".$v."\">{$v}</option>\n"; } } return $sarray; } function genprevnext( $total_pages, $position, $nresults, $scriptis, $extras ) { global $shopurl; global $seoFriend; global $connection; global $instdir; global $smode; if ( !empty( $smode ) ) { $smodebits = "{$smode}/"; } else { $smodebits = ""; } if ( !empty( $_GET['smode'] ) ) { $smodebits = "".htmlentities( $_GET['smode'] )."/"; } else { $smodebits = ""; } $disppages = intval( $total_pages / $nresults ); if ( $total_pages % $nresults ) { ++$disppages; } if ( $nresults <= $position ) { $current_page_num = $position / $nresults + 1; } else { $current_page_num = 1; } $limit = $nresults; $stages = 3; $position = $position; $page = $position / $nresults + 1; if ( $page ) { $start = ( $page - 1 ) * $limit; } else { $start = 0; } if ( $page == 0 ) { $page = 1; } $prev = $page - 1; $next = $page + 1; $lastpage = ceil( $total_pages / $limit ); $LastPagem1 = $lastpage - 1; $paginglinks = ""; if ( 1 < $lastpage ) { if ( 1 < $page ) { $prevoffset = $position - $nresults; $paginate .= "<a href=\"".$scriptis."?position={$prevoffset}&nresults={$nresults}{$extras}\">« Prev</a>"; } else { $paginate .= "<span class='pagination-disabled'>« Prev</span>"; } if ( $lastpage < 7 + $stages * 2 ) { $counter = 1; for ( ; $counter <= $lastpage; ++$counter ) { $newoffset = $counter * $limit - $limit; if ( $counter == $page ) { $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>"; } else { $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>"; } break; } } while ( 1 ); } else if ( 5 + $stages * 2 < $lastpage ) { if ( $page < 1 + $stages * 2 ) { $counter = 1; for ( ; $counter < 4 + $stages * 2; ++$counter ) { $newoffset = $counter * $limit - $limit; if ( $counter == $page ) { $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>"; } else { $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>"; } } $paginglinks .= "..."; $newoffsetlm1 = $LastPagem1 * $limit - $limit; $newoffsetlp = $lastpage * $limit - $limit; $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlm1}&nresults={$nresults}{$extras}\">{$LastPagem1}</a>"; $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlp}&nresults={$nresults}{$extras}\">{$lastpage}</a>"; } else if ( $page < $lastpage - $stages * 2 && $stages * 2 < $page ) { $paginglinks .= "<a href=\"".$scriptis."?position=0&nresults={$nresults}{$extras}\">1</a>"; $paginglinks .= "<a href=\"".$scriptis."?position={$limit}&nresults={$nresults}{$extras}\">2</a>"; $paginglinks .= "..."; $counter = $page - $stages; for ( ; $counter <= $page + $stages; ++$counter ) { $newoffset = $counter * $limit - $limit; if ( $counter == $page ) { $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>"; } else { $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>"; } } $paginglinks .= "..."; $newoffsetlm1 = $LastPagem1 * $limit - $limit; $newoffsetlp = $lastpage * $limit - $limit; $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlm1}&nresults={$nresults}{$extras}\">{$LastPagem1}</a>"; $paginglinks .= "<a href=\"".$scriptis."?position={$newoffsetlp}&nresults={$nresults}{$extras}\">{$lastpage}</a>"; } else { $paginglinks .= "<a href=\"".$scriptis."?position=0&nresults={$nresults}{$extras}\">1</a>"; $paginglinks .= "<a href=\"".$scriptis."?position={$limit}&nresults={$nresults}{$extras}\">2</a>"; $paginglinks .= "..."; $counter = $lastpage - ( 2 + $stages * 2 ); for ( ; $counter <= $lastpage; ++$counter ) { $newoffset = $counter * $limit - $limit; if ( $counter == $page ) { $paginglinks .= "<span class=\"pagination-current\">".$counter."</span>"; } else { $paginglinks .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">{$counter}</a>"; } } } } $paginate .= $paginglinks; if ( $page < $counter - 1 ) { $newoffset = $position + $nresults; $paginate .= "<a href=\"".$scriptis."?position={$newoffset}&nresults={$nresults}{$extras}\">Next »</a>"; } else { $paginate .= "<span class=\"pagination-disabled\">Next »</span>"; } } if ( $nresults < $total_pages ) { echo $paginate; } function buildCategorySelect( ) { global $connection; global $category_id; $level = "0"; $sql = "SELECT * from categories WHERE category_parent_id='deftl'"; if ( !( $result = @mysql_query( $sql, $connection ) ) ) { exit( "** COULD NOT BUILD CATEGORY DROP DOWN ** ".mysql_error( ) ); } while ( $row = mysql_fetch_array( $result ) ) { $parent = "{$row['category_id']}"; $row[category_name] = stripslashes( "{$row['category_name']}" ); if ( $category_id == $row[category_id] ) { echo "<option value=\"".$row['category_id']."\" selected>+ {$row['category_name']}</option>\n"; } else { echo "<option value=\"".$row['category_id']."\">+ {$row['category_name']}</option>\n"; } getchildren( $parent, $level ); } } function getChildren( $parent, $level ) { global $connection; global $category_id; ++$level; if ( !ctype_digit( $parent ) ) { $parent = ""; } $sql1 = "SELECT * from categories WHERE category_parent_id='".$parent."' order by category_name"; if ( !( $result1 = @mysql_query( $sql1, $connection ) ) ) { exit( "Couldn't build category tree child part: ".mysql_error( ) ); } while ( $row1 = mysql_fetch_array( $result1 ) ) { $parent = "{$row1['category_id']}"; if ( $category_id == $row1[category_id] ) { echo "<option value=\"".$row1['category_id']."\" selected>"; } else { echo "<option value=\"".$row1['category_id']."\">"; } $i = 0; for ( ; $i < $level; ++$i ) { echo " "; } echo "|--[".$level."]"; echo " ".$row1['category_name']."</option>\n"; getchildren( $parent, $level ); } } function getChildrenSEL( $parent, $myparent, $level ) { global $connection; global $https; global $category_id; ++$level; if ( !ctype_digit( $parent ) ) { $parent = ""; } $sql1 = "SELECT * from categories WHERE category_parent_id='".$parent."' order by category_name"; if ( !( $result1 = @mysql_query( $sql1, $connection ) ) ) { exit( "Couldn't build category tree child part: ".mysql_error( ) ); } while ( $row1 = mysql_fetch_array( $result1 ) ) { $parent = "{$row1['category_id']}"; if ( $myparent == $row1[category_id] ) { echo "<option value=\"".$row1['category_id']."\" selected>"; } else if ( $category_id == $row1[category_id] ) { echo "<option value=\"deftl\">"; } else { echo "<option value=\"".$row1['category_id']."\">"; } $i = 0; for ( ; $i < $level; ++$i ) { echo " "; } echo "|".$level."|"; echo "{$row1['category_name']}</option>\n"; getchildrensel( $parent, $myparent, $level ); } } function makeCategoryMap( ) { global $connection; global $adminurl; $level = "0"; $sql = "SELECT * from categories WHERE category_parent_id='deftl'"; if ( !( $result = @mysql_query( $sql, $connection ) ) ) { exit( "Couldn't build category tree parent part: ".mysql_error( ) ); } while ( $row = mysql_fetch_array( $result ) ) { $parent = "{$row['category_id']}"; $sql3 = "SELECT product_id from products WHERE category_id='".$parent."'"; if ( !( $result3 = @mysql_query( $sql3, $connection ) ) ) { exit( "Couldn't get data from products db" ); } $numrows = mysql_num_rows( $result3 ); if ( $numrows < 1 ) { $linker = ""; } else { $linker = "<input type=\"button\" class=\"list\" onclick=\"location.href='".$adminurl."products/productlist.php?category_id={$row['category_id']}'\" value=\"Products ({$numrows})\" />"; } $row[category_name] = stripslashes( "{$row['category_name']}" ); echo "<tr>\n\t\t\t\t<td> + <a href=\"".$adminurl."products/editcategory.php?category_id={$row['category_id']}\" title=\"{$row['category_desc']}\">{$row['category_name']}</a> </td>\n\t\t\t\t<td>"; if ( $row[category_publish] == Y ) { echo "<input type=\"button\" class=\"deactivate\" value=\"(click to deactivate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row['category_id']}&act=N'\" />"; } else { echo "<input type=\"button\" class=\"activate\" value=\"(click to activate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row['category_id']}&act=Y'\" />"; } echo "</td>\n\t\t\t\t<td> <input type=\"button\" class=\"add\" onclick=\"location.href='".$adminurl."products/addproduct.php?category_id={$row['category_id']}'\" value=\"Add\" /> {$linker} </td>\n\t\t\t\t<td> <input type=\"button\" class=\"edit\" onclick=\"location.href='{$adminurl}products/editcategory.php?category_id={$row['category_id']}'\" value=\"Edit\" /> <input type=\"button\" class=\"delete\" value=\"DELETE\" onclick='usr_conf(\"{$adminurl}products/bin/deletecategory.php\",\"category_id={$row['category_id']}\",\"Are you sure you want to delete this category?\");' /> </td>\n\t\t\t</tr>\n"; getchildrenlist( $parent, $level ); } } function getChildrenList( $parent, $level ) { global $connection; global $adminurl; ++$level; $where_in_level = "0"; if ( !ctype_digit( $parent ) ) { $parent = ""; } $sql1 = "SELECT * from categories WHERE category_parent_id='".$parent."'"; if ( !( $result1 = @mysql_query( $sql1, $connection ) ) ) { exit( "Couldn't build category tree child part: ".mysql_error( ) ); } while ( $row1 = mysql_fetch_array( $result1 ) ) { ++$where_in_level; $parent = "{$row1['category_id']}"; $level_indent = $level - 1; $i = 0; for ( ; $i < $level_indent; ++$i ) { echo " "; } if ( $last_level == $level ) { echo " "; } else { echo " "; } $i = 0; for ( ; $i < $level; ++$i ) { echo " "; } $sql3 = "SELECT product_id from products WHERE category_id='".$parent."'"; if ( !( $result3 = @mysql_query( $sql3, $connection ) ) ) { exit( "Couldn't get data from products db" ); } $numrows = mysql_num_rows( $result3 ); if ( $numrows < 1 ) { $linker = ""; } else { $linker = "<input type=\"button\" class=\"list\" onclick=\"location.href='".$adminurl."products/productlist.php?category_id={$row1['category_id']}'\" value=\"Products ({$numrows})\" />"; } echo "\t<tr>\n\t\t<td> » (".$level.") <a href=\"{$adminurl}products/editcategory.php?category_id={$row1['category_id']}\" title=\"{$row1['category_desc']}\">{$row1['category_name']}</a></td>\n\t\t\t<td>"; if ( $row1[category_publish] == Y ) { echo "<input type=\"button\" class=\"deactivate\" value=\"(click to deactivate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row1['category_id']}&act=N'\" />"; } else { echo "<input type=\"button\" class=\"activate\" value=\"(click to activate)\" onclick=\"location.href='".$adminurl."products/bin/categoryonoff.php?category_id={$row1['category_id']}&act=Y'\" />"; } echo "</td> \n\t\t\t<td><input type=\"button\" class=\"add\" onclick=\"location.href='".$adminurl."products/addproduct.php?category_id={$row1['category_id']}'\" value=\"Add\" /> {$linker}</td>\n\t\t\t<td> <input type=\"button\" class=\"edit\" onclick=\"location.href='{$adminurl}products/editcategory.php?category_id={$row1['category_id']}'\" value=\"Edit\" /> <input type=\"button\" class=\"delete\" value=\"DELETE\" onclick='usr_conf(\"{$adminurl}products/bin/deletecategory.php\",\"category_id={$row1['category_id']}\",\"Are you sure you want to delete this category?\");' /></td>\n\t</tr>\n"; getchildrenlist( $parent, $level ); $last_level = $level; } } function productcheckcategories( ) { global $connection; global $oktoadd; $sql3 = "SELECT * from categories"; if ( !( $result3 = @mysql_query( $sql3, $connection ) ) ) { exit( "Couldn't get data from category db" ); } $numrows = mysql_num_rows( $result3 ); if ( 1 <= $numrows ) { $oktoadd = "Y"; } } function countrycompareDD( $country_dd ) { global $connection; echo "<select name=\"country\">"; $sql3 = "SELECT country_short, country_long from country WHERE zone_id !='0'"; if ( !( $result3 = @mysql_query( $sql3, $connection ) ) ) { exit( "Couldn't execute request 1" ); } while ( $row3 = mysql_fetch_array( $result3 ) ) { if ( $row3[country_short] == $country_dd ) { echo "<option value=\"".$row3['country_short']."\" selected>{$row3['country_long']}</option>\n"; } else { echo "<option value=\"".$row3['country_short']."\">{$row3['country_long']}</option>\n"; } } echo "</select>"; } function alternatecolour( $level ) { global $altclass; $class_1 = " class=altlight"; $class_2 = " class=altdark"; $altclass = $class_1; $level % 2 ? 0 : ( $altclass = $class_2 ); } function check_email_address( $email ) { if ( !preg_match( "/[^@]{1,64}@[^@]{1,255}/i", $email ) ) { return FALSE; } $email_array = explode( "@", $email ); $local_array = explode( ".", $email_array[0] ); $i = 0; for ( ; $i < sizeof( $local_array ); ++$i ) { if ( preg_match( ">^(([A-Za-z0-9!#\$%&'*+/=?^_`{|}~-][A-Za-z0-9!#\$%&'*+/=?^_`{|}~\\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))\$>i", $local_array[$i] ) ) { continue; } return FALSE; } if ( !preg_match( "/^\\[?[0-9\\.]+\\]?\$/i", $email_array[1] ) ) { $domain_array = explode( ".", $email_array[1] ); if ( sizeof( $domain_array ) < 2 ) { return FALSE; } $i = 0; for ( ; $i < sizeof( $domain_array ); ++$i ) { if ( preg_match( "/^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))\$/i", $domain_array[$i] ) ) { continue; } return FALSE; } } return TRUE; } if ( get_magic_quotes_gpc( ) ) { $in = array( $GLOBALS['_GET'], $GLOBALS['_POST'], $GLOBALS['_COOKIE'] ); while ( list( $k, $v ) = each( &$in ) ) { foreach ( $v as $key => $val ) { if ( !is_array( $val ) ) { $in[$k][$key] = stripslashes( $val ); } else { $in[] =& $in[$k][$key]; } } } unset( $in ); } if ( isset( $_POST ) || isset( $_GET ) ) { $in = array( $GLOBALS['_GET'], $GLOBALS['_POST'] ); while ( list( $k, $v ) = each( &$in ) ) { foreach ( $v as $key => $val ) { if ( !is_array( $val ) ) { if ( ( $key == "txtContent" || $key == "category_desc" || !( $key == "metaadd" ) && !( $admin_ok_check == $_SESSION[admin_ok] ) ) || !preg_match( "/".$adminDir."/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/paypalcallback.php/", "{$_SERVER['PHP_SELF']}" ) || !preg_match( "/updatecurrency.php/", "{$_SERVER['PHP_SELF']}" ) ) { if ( !preg_match( "/createcurrency.php/", "{$_SERVER['PHP_SELF']}" ) ) { $val = preg_replace( "/\\s+/", " ", $val ); $in[$k][$key] = htmlentities( trim( $val ) ); } } } else { $in[] =& $in[$k][$key]; } } } unset( $in ); } $sYear = "2007"; $cwd = dirname( __FILE__ ); $instdir = str_replace( "private", "", "{$cwd}" ); include( "{$instdir}private/config.php" ); include( "{$instdir}private/cache.php" ); include( "{$instdir}private/pca_config.php" ); if ( empty( $shopurl ) ) { header( "Location: install/" ); exit( ); } include( "{$instdir}private/db_connect.php" ); include( "{$instdir}private/messages.php" ); include( "{$instdir}private/shop_messages.php" ); $admin_dirs = array( "settings", "orders", "newsletter", "reports", "shoppers", "products", "content" ); $mtta = array( "mail", "smtp" ); $ppgfields = array( "ppemail", "ppmerchantid", "ppsecret", "pptestmode", "ppinstid", "ppintip", "ppextip", "ppgiftaid", "ppApply3DSecure", "ppApplyAVSCV2", "ppauthmode", "ppsignature" ); $category_style = array( "List with Thumbnail", "List no Thumbnail", "Grid" ); $category_sort_order = array( "Alphabetical", "Newest Items First", "Newest Items Last", "Featured Items First", "Custom Sort", "Price Low - High", "Price High - Low" ); $sf_style = array( "List", "Grid" ); $sf_sort_order = array( "Alphabetical", "By ID", "Randomised" ); $cf_sort_order = array( "Alphabetical", "By ID", "Custom" ); $allow_next = array( "selectdeliveryaddress.php", "revieworder.php", "reviewproduct.php", "revieworder.php?clearptid=Y", "orders.php" ); if ( $_GET[next] && !in_array( "{$_GET['next']}", $allow_next ) ) { echo "Not allowed!"; exit( ); } if ( !ctype_digit( $_GET[cmsid] ) ) { $GLOBALS['_GET'][cmsid] = ""; } $GLOBALS['_GET'][cmsid] = mysql_real_escape_string( "{$_GET['cmsid']}" ); if ( !ctype_digit( $_GET[category_id] ) ) { $GLOBALS['_GET'][category_id] = ""; } $GLOBALS['_GET'][category_id] = mysql_real_escape_string( "{$_GET['category_id']}" ); if ( !ctype_digit( $_GET[product_id] ) ) { $GLOBALS['_GET'][product_id] = ""; } $GLOBALS['_GET'][product_id] = mysql_real_escape_string( "{$_GET['product_id']}" ); if ( !ctype_digit( $_GET[product_xo_id] ) ) { $GLOBALS['_GET'][product_xo_id] = ""; } $GLOBALS['_GET'][product_xo_id] = mysql_real_escape_string( "{$_GET['product_xo_id']}" ); if ( !ctype_digit( $_GET[o_id] ) ) { $GLOBALS['_GET'][o_id] = ""; } $GLOBALS['_GET'][o_id] = mysql_real_escape_string( "{$_GET['o_id']}" ); if ( !ctype_digit( $_GET[p_id] ) ) { $GLOBALS['_GET'][p_id] = ""; } $GLOBALS['_GET'][p_id] = mysql_real_escape_string( "{$_GET['p_id']}" ); if ( !ctype_digit( $_GET[a_id] ) ) { $GLOBALS['_GET'][a_id] = ""; } $GLOBALS['_GET'][a_id] = mysql_real_escape_string( "{$_GET['a_id']}" ); $GLOBALS['_POST'][query_string] = mysql_real_escape_string( "{$_POST['query_string']}" ); if ( !ctype_digit( $_POST[pre_xo_id] ) ) { $GLOBALS['_POST'][pre_xo_id] = ""; } $GLOBALS['_POST'][pre_xo_id] = mysql_real_escape_string( "{$_POST['pre_xo_id']}" ); if ( !ctype_digit( $_POST[p_id] ) ) { $GLOBALS['_POST'][p_id] = ""; } $GLOBALS['_POST'][p_id] = mysql_real_escape_string( "{$_POST['p_id']}" ); if ( !ctype_digit( $_POST[qty] ) ) { $GLOBALS['_POST'][qty] = ""; } $GLOBALS['_POST'][qty] = mysql_real_escape_string( "{$_POST['qty']}" ); $GLOBALS['_POST'][loginemail] = mysql_real_escape_string( "{$_POST['loginemail']}" ); $GLOBALS['_POST'][loginpass] = mysql_real_escape_string( "{$_POST['loginpass']}" ); if ( $_POST[mail_outs] != "Y" && $_POST[mail_outs] != "N" ) { $GLOBALS['_POST'][mail_outs] = "Y"; } $GLOBALS['_POST'][mail_outs] = mysql_real_escape_string( "{$_POST['mail_outs']}" ); $GLOBALS['_POST'][old_password] = mysql_real_escape_string( "{$_POST['old_password']}" ); $GLOBALS['_POST'][confirm_password] = mysql_real_escape_string( "{$_POST['confirm_password']}" ); $search = array( "@<script[^>]*?>.*?</script>@si", "@<[\\/\\!]*?[^<>]*?>@si", "@&(quot|#34);@i", "@&(amp|#38);@i", "@&(lt|#60);@i", "@&(gt|#62);@i", "@&(nbsp|#160);@i", "@&(iexcl|#161);@i", "@&(cent|#162);@i", "@&(pound|#163);@i", "@&(copy|#169);@i", "@&#(\\d+);@e" ); $replace = array( "", "", "\\1", "\"", "&", "<", ">", " ", chr( 161 ), chr( 162 ), chr( 163 ), chr( 169 ), "chr(\\1)" ); $GLOBALS['_POST'][company] = mysql_real_escape_string( "{$_POST['company']}" ); $GLOBALS['_POST'][company] = mysql_real_escape_string( "{$_POST['company']}" ); $GLOBALS['_POST'][company] = preg_replace( $search, $replace, $_POST[company] ); $GLOBALS['_POST'][first_name] = mysql_real_escape_string( "{$_POST['first_name']}" ); $GLOBALS['_POST'][first_name] = preg_replace( $search, $replace, $_POST[first_name] ); $GLOBALS['_POST'][last_name] = mysql_real_escape_string( "{$_POST['last_name']}" ); $GLOBALS['_POST'][last_name] = preg_replace( $search, $replace, $_POST[last_name] ); $GLOBALS['_POST'][email] = mysql_real_escape_string( "{$_POST['email']}" ); $GLOBALS['_POST'][email] = preg_replace( $search, $replace, $_POST[email] ); $GLOBALS['_POST'][no_name] = mysql_real_escape_string( "{$_POST['no_name']}" ); $GLOBALS['_POST'][no_name] = preg_replace( $search, $replace, $_POST[no_name] ); $GLOBALS['_POST'][street] = mysql_real_escape_string( "{$_POST['street']}" ); $GLOBALS['_POST'][street] = preg_replace( $search, $replace, $_POST[street] ); $GLOBALS['_POST'][town] = mysql_real_escape_string( "{$_POST['town']}" ); $GLOBALS[ I am trying to integrate facebook login into my application. If the user isn't logged in, I want to make sure that they get sent to the index page, but this doesn't work. Code: [Select] <?php if ($user) { try { // Proceed knowing you have a logged in user who's authenticated. $user_profile = $facebook->api('/me'); } catch (FacebookApiException $e) { $user = null; //echo '<pre>'.htmlspecialchars(print_r($e, true)).'</pre>'; } } else { header('Location: /'); } ?> Any thoughts on how to fix? The following should be redirecting to a certain page based upon the variables given. If someone is logged into the admincp but enters the address index.php?admincp=users, all that shows up is a blank page, it should re-direct back to the admincp main page; aka index.php?admincp. Everything other than this is working... It's just not going back to the admincp when index.php?admincp=users is entered. <?php require_once 'db_select.php'; require_once 'func.php'; session_start(); $cadmin2=$_SESSION['admin_check']; if($cadmin2=="4" && isset($_SESSION['mypassword3']) && $_SESSION['mypassword3']==$_SESSION['mypassword2']){ $SQL1="SELECT position FROM $tbl_name4 WHERE film_number='1' ORDER BY ABS(cost) ASC"; $result1=mysql_query($SQL1) or die(mysql_error()); if($_GET['do']=="add"){ $section.=' - Add User'; $content.=' <div class="main"> <div class="main_header">Add New User</div> <div class="user_form"> <form action="./index.php?admincp=users&do=process&source=new" method="post"> <p><label>Name:</label> <input type="text" name="name" size="30" /></p> <p><label>E-Mail:</label> <input type="email" name="email" size="32" /></p> <p><label>Amount:</label> <input type="text" name="amount" size="8" /></p> <p><label>Username:</label> <input type="text" name="username" size="30" /></p> <p> <label>Level:</label> <select name="level"> <option value=""></option> <option value="nickel">Nickel</option> <option value="copper">Copper</option> <option value="bronze">Bronze</option> <option value="silver">Silver</option> <option value="gold">Gold</option> <option value="platinum">Platinum</option> <option value="palladium">Palladium</option> </select> </p> <p> <label>User Level:</label> <select name="user_level"> <option value="0">No Account</option> <option value="1">Credit Purchase</option> <option value="2">Donation</option> <option value="3">Moderator</option> <option value="4">Admin</option> </select> </p> <p><label>Credit:</label> <select name="credit"> <option value=""></option>'; while($row1=mysql_fetch_array($result1)){ extract($row1); $content.='<option value="'.ucfirst($position).'">'.ucfirst($position).'</option>'; } $content.=' </select> <!--<label>Film Number:</label> <select name="film_number"> <option value=""></option> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> </select>--> </p> <p><label>Password:</label> <input type="text" name="password" size="30" /></p> <p><input type="submit" value="Submit" name="Submit" /></p> </form> </div> </div> '; } elseif($_GET['do']=="edit"){ if(isset($_GET['id'])){ $id=(int)$_GET['id']; $edit_user_query="SELECT * FROM $tbl_name WHERE $tbl_name.donor_id=$id"; $edit_user_result=mysql_query($edit_user_query); while($edit_user_row=mysql_fetch_array($edit_user_result)){ extract($edit_user_row); } $credits_query="SELECT * FROM donors_credits WHERE donor_id=".$id." ORDER BY id"; $credits_result=mysql_query($credits_query); while($credits_row=mysql_fetch_array($credits_result)){ $credits[]=$credits_row['credit']; } if(count($credits) > 0){ $credit=implode(", ",$credits); } if(!empty($amount)){ $amount=number_format($amount, 2, '.', ','); } $section.=' - Edit User: '.$username.''; $content.=' <div class="main"> <div class="main_header">Edit User - '.(!empty($username) ? ''.$username.'' : ''.$name.'').'</div> <div class="user_form"> <form action="./index.php?admincp=users&do=process&source=edit&id='.$id.'" method="post"> <p><label>Name:</label> <input type="text" name="name" size="30" value="'.$name.'" /></p> <p><label>E-Mail:</label> <input type="email" name="email" size="32" value="'.$email.'" /></p> <p><label>Amount:</label> <input type="text" name="amount" size="8" value="'.$amount.'" /></p> <p><label>Username:</label> <input type="text" name="username" size="30" value="'.$username.'" /></p> <p> <label>Level:</label> <select name="level"> <option value=""'.(empty($level) ? ' selected="selected"' : '').'></option> <option value="nickel"'.($level=="nickel" ? ' selected="selected"' : '').'>Nickel</option> <option value="copper"'.($level=="copper" ? ' selected="selected"' : '').'>Copper</option> <option value="bronze"'.($level=="bronze" ? ' selected="selected"' : '').'>Bronze</option> <option value="silver"'.($level=="silver" ? ' selected="selected"' : '').'>Silver</option> <option value="gold"'.($level=="gold" ? ' selected="selected"' : '').'>Gold</option> <option value="platinum"'.($level=="platinum" ? ' selected="selected"' : '').'>Platinum</option> <option value="palladium"'.($level=="palladium" ? ' selected="selected"' : '').'>Palladium</option> </select> (Blank if something other than Donation) </p> <p> <label>User Level:</label> <select name="user_level"> <option value="0"'.($admin=="0" ? ' selected="selected"' : '').'>No Account</option> <option value="1"'.($admin=="1" ? ' selected="selected"' : '').'>Credit Purchase</option> <option value="2"'.($admin=="2" ? ' selected="selected"' : '').'>Donation</option> <option value="3"'.($admin=="3" ? ' selected="selected"' : '').'>Moderator</option> <option value="4"'.($admin=="4" ? ' selected="selected"' : '').'>Admin</option> </select> </p> <p><label>Credit:</label> <input type="text" name="credit_old" size="30" value="'.$credit.'" disabled="disabled" /></p> <p><label>New Credit:</label> <select name="credit"> <option value=""></option>'; while($row1=mysql_fetch_array($result1)){ extract($row1); $content.='<option value="'.ucfirst($position).'">'.ucfirst($position).'</option>'; } $content.=' </select> <!--<label>Film Number:</label> <select name="film_number"> <option value=""></option> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> </select>--> </p> <p><input type="submit" value="Submit" name="Submit" /></p> </form> </div> </div> '; } else{ $user_list_query="SELECT * FROM $tbl_name"; $user_list_result=mysql_query($user_list_query); $content=''; while($user_list_row=mysql_fetch_array($user_list_result)){ extract($user_list_row); $content.='<div class="center"><a href="./index.php?admincp=users&do=edit&id='.$donor_id.'">'.(!empty($username) ? ''.$username.'' : ''.$name.'').'</a></div>'; } } } elseif($_GET['do']="process"){ $source=sanitize($_GET['source']); $name=sanitize($_POST['name']); $email=sanitize($_POST['email']); $amount=amount_verify(sanitize($_POST['amount'])); $username=sanitize($_POST['username']); $level=sanitize($_POST['level']); $password=kam3($_POST['password']); $admin=sanitize($_POST['user_level']); //$film_number=sanitize($_POST['film_number']); $credits=sanitize($_POST['credit']); $credits=explode(",",$credits); array_walk($credits, 'trim_value'); if($amount=="00" || $amount==".00"){ $amount=""; } if($_GET['source']=="new"){ $add_user_query="INSERT INTO $tbl_name (username, name, level, amount, password, admin, email) VALUES ('$username', '$name', '$level', '$amount', '$password', '$admin', '$email')"; mysql_query($add_user_query); $insert_id=mysql_insert_id(); if(!empty($credits)){ $CreditArray = array(); foreach($credits as $credit){ $CreditArray[] = "('$credit',$insert_id)"; } if(mysql_affected_rows()==1){ $content.='<div class="center">User Added.</div>'; } if (count($CreditArray) > 0 ){ $credit_array_query="INSERT INTO $tbl_name2 (credit,donor_id) VALUES " . implode(',',$CreditArray); mysql_query($credit_array_query); } } } elseif($_GET['source']=="edit"){ $insert_id=$_GET['id']; $edit_user_query="UPDATE $tbl_name SET username='$username', name='$name', level='$level', amount='$amount', admin='$admin', email='$email' WHERE donor_id='$insert_id'"; mysql_query($edit_user_query); if(!empty($credits)){ $CreditArray = array(); foreach($credits as $credit){ $CreditArray[] = "('$credit',$insert_id)"; } if(mysql_affected_rows()==1){ $content.='<div class="center">User Edited.</div>'; } if (count($CreditArray) > 0 ){ $credit_array_query="INSERT $tbl_name2 (credit,donor_id) VALUES " . implode(',',$CreditArray); mysql_query($credit_array_query); } } } } else{ header('Location: ./index.php?admincp'); } } else{ header("Location: ./index.php?usercp"); } ?> |