|
PHP - Http Auth Headers And Mysql
Hi Guys,
This is my first post as part of the community. I am working on a personal project for myself and was trying to password protect some pages. Im newish to php and was wondering if HTTP AUTH headers work with MYSQL Databases for usernames and passwords. Any help or insight would be greatly appreciated! Thanks! Steve Similar Tutorials
Hello, I am a newbie regarding PHP and have done mostly only front-end web design for a couple of years and recently started querying DB's and displaying the data, but now this is a new project.
I've tested code snippets as the ones below, but fail to incorporate them in the bigger picture of what I'm trying to achieve.
<?php
// https://gist.github.com/magnetikonline/650e30e485c0f91f2f40
class DumpHTTPRequestToFile {
public function execute($targetFile) {
$data = sprintf(
"%s %s %s\n\nHTTP headers:\n",
$_SERVER['REQUEST_METHOD'],
$_SERVER['REQUEST_URI'],
$_SERVER['SERVER_PROTOCOL']
);
foreach ($this->getHeaderList() as $name => $value) {
$data .= $name . ': ' . $value . "\n";
}
$data .= "\nRequest body:\n";
file_put_contents(
$targetFile,
$data . file_get_contents('php://input') . "\n"
);
echo("Done!\n\n");
}
private function getHeaderList() {
$headerList = [];
foreach ($_SERVER as $name => $value) {
if (preg_match('/^HTTP_/',$name)) {
// convert HTTP_HEADER_NAME to Header-Name
$name = strtr(substr($name,5),'_',' ');
$name = ucwords(strtolower($name));
$name = strtr($name,' ','-');
// add to list
$headerList[$name] = $value;
}
}
return $headerList;
}
}
(new DumpHTTPRequestToFile)->execute('./dumprequest.csv');
This snippet also seems to return the headers and their values but I don't know how to efficiently write and append it to a TXT or CSV, or preferably, directly into a MySQL database.
<?php
foreach (getallheaders() as $name => $value) {
echo "$name: $value";
echo "<br>";
}
?>
Any help towards storing the header values of HTTP POST requests into a database would be greatly appreciated! Hi there, Any help is greatly appreciated. I've commented out the code giving me trouble. Error = <br /> <b>Warning</b>: curl_setopt(): supplied argument is not a valid cURL handle resource in <b>/###.php</b> on line <b>34</b><br /> <br /> <b>Warning</b>: curl_setopt(): supplied argument is not a valid cURL handle resource in <b>/###.php</b> on line <b>35</b><br /> <?php $ch = curl_init(); $timeout = 30; $userAgent = $_SERVER['HTTP_USER_AGENT']; if ($_REQUEST['update']) { curl_setopt($ch, CURLOPT_URL, $_REQUEST['url']); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_USERPWD, $_REQUEST['username'] . ':' . $_REQUEST['password']); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_USERAGENT, $userAgent); //curl_setopt($c, CURLOPT_POST, true); //curl_setopt($c, CURLOPT_POSTFIELDS, $_REQUEST['update']); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY); $response = curl_exec($ch); if (curl_errno($ch)) { echo curl_error($ch); } else { curl_close($ch); echo $response; } } Just a quick question. I'm using the Live HTTP Headers add-on for Firefox that display all the HTTP headers etc. I'm writing an article on it and want to include a screenshot of it in action. Are there any headers that I should hide from the reader for security reasons? Thanks for any help. Quick question for you guys. I am collecting payment data for a product. Is it possible to send data from my form via http directly into another payment form via the post http headers? So say if i had all the details payment info and address info and i matched my form exactly to theirs. Is it possible to write a php script to send the data from my form directly to another websites form to make an order, say amazon or a big site like this? ?first_name=samuel&last_name=east&action=Submit Any Help? Thanks Trying to run a simple program that, when submitted, stores the username and password as cookies. When clicking Submit, I get the error "HTTP Error 405 - The HTTP verb used to access this page is not allowed". If the username and password fields are left blank when submitting it's suppose to give a message to enter a username and password, but, I still get that error message. HTML form: Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>Week 1 Project--Cookies</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> </head> <body> <form action="cookie1.php" method="post"> <h2 align="center">Cookies</h2> <br /> <div> <p>Enter your username and password and click "Submit":</p><br /> <p>Username:<input type="text" name="username" size="20"></p> <p>Password:<input type="text" name="password" size="20"></p> </div> <br /> <div><input type="submit" name="submit" value="Submit" /></div> <br /> <div> <input type="reset" name="Reset" value="Start Over" /> </div> </form> </body> </html> PHP file: Code: [Select] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>Cookie File</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> </head> <body> <div> <?php if ($_SERVER['REQUEST_METHOD'] == 'POST') { setcookie('username', $_POST['username'], time() + 2592000); setcookie('password', $_POST['password'], time() + 2592000); } if(($_POST['username'] == "") || ($_POST['password'] == "")) { print "You must enter both a username and password. Press the Back button on your browser and try again."; } else if (isset($_COOKIE['username'])) { print "Welcome, " .$_COOKIE['username']; } ?> </div> </body> </html> Hi I am using facebook auth but email id not fetching from facebook login please help me why is happening? Ok So the main purpose of this is: 1). User has to grab a OTP from the generator (work's) 2) the OTC updates in the database field (work's) via the person's user_email 3). it sends an email containing the OTP what it is not doing is, when they go and login, it just keeps saying invalid login credentials. I'm pasting my code below to see if anyone can help me out here. this is still a work in progress. do_login.php (not working here) Keep's saying invalid password. <?php if(empty($_POST)) exit; include 'config.php'; // declare post fields $post_user_email = trim($_POST['user_email']); $post_password = trim($_POST['authcode']); $post_autologin = $_POST['autologin']; if(($post_user_email == $config_email) && ($post_password == $config_password)) { $_SESSION['Site-Key'] = $config_email; // Autologin Requested? if($post_autologin == 1) { $password_hash = md5($config_password); // will result in a 32 characters hash setcookie ($cookie_name, 'usr='.$config_email.'&hash='.$password_hash, time() + $cookie_time); } exit('OK'); } else { echo '<div id="error_notification">The submitted login info is incorrect.</div>'; } ?> Index.php <?php require_once 'config.php'; if(isset($_SESSION['google-ads123123'])) { header("Location: http://forum.site1.com"); exit; } ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML> <HEAD> <TITLE>Access Required</TITLE> <script type="text/javascript" src="js/mootools-1.2.1-core-yc.js"></script> <script type="text/javascript" src="js/process.js"></script> <link rel="stylesheet" type="text/css" href="style.css" /> </HEAD> <BODY> <center> <div id="status"> <fieldset><legend align="center">Authentication</legend> <div id="login_response"><!-- spanner --></div> <form id="login" name="login" method="post" action="do_login.php"> <table align="center" width="200" border="0"> <tr> <td width="80">Email</td><td><input id="user_email" type="text" name="user_email"></td> </tr> <tr> <td>AuthCode:</td> <td><input type="password" name="authcode"></td> </tr> <tr> <td> </td> <td><input type="checkbox" name="autologin" value="1">Remember Me</td> </tr> <tr> <td> </td> <td><input id="submit" type="submit" name="submit" value="Login"> <br /> <a href="getcode.php"> Get Auth Code </a> <div id="ajax_loading"><img align="absmiddle" src="images/spinner.gif"> Processing...</div></td> </tr> </table> </form> </fieldset> </div> </center> </BODY> </HTML> getcode.php (generates a MD5 and adds into db) <?php $db_host = '123'; $db_username = '123'; $db_password = '123'; $db_name = '123'; @mysql_connect($db_host, $db_username, $db_password) or die(mysql_error()); @mysql_select_db($db_name) or die(mysql_error()); // This is displayed if all the fields are not filled in $empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back"; // Convert to simple variables $email_address = $_POST['user_email']; if (!isset($_POST['user_email'])) { ?> <h2>Generate your Auth Code</h2> <form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>"> <p class="style3"><label for="user_email">Email:</label> <input type="text" title="Please enter your email address" name="user_email" size="30"/></p> <p class="style3"><label title="Generate Auth Code"> </label> <input type="submit" value="Submit" class="submit-button"/></p> </form> <?php } elseif (empty($email_address)) { echo $empty_fields_message; } else { $status = "OK"; $msg=""; //error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR); if (!stristr($email_address,"@") OR !stristr($email_address,".")) { $msg="Your email address is not correct<BR>"; $status= "NOTOK";} echo "<br><br>"; if($status=="OK"){ $query="SELECT username FROM users WHERE user_email = '$email_address'"; $st=mysql_query($query); $recs=mysql_num_rows($st); $row=mysql_fetch_object($st); $em=$row->user_email;// email is stored to a variable if ($recs == 0) { echo "<center><font face='Verdana' size='2' color=red><b>No Auth Code</b><br> Sorry Your address is not in our database ."; exit;} function makeRandomPassword() { $salt = "abchefghjkmnpqrstuvwxyz0123456789"; srand((double)microtime()*1000000); $i = 0; while ($i <= 7) { $num = rand() % 33; $tmp = substr($salt, $num, 1); $pass = $pass . $tmp; $i++; } return $pass; } $random_password = makeRandomPassword(); $db2_password = md5($random_password); $sql = mysql_query("UPDATE users SET authcode='$db2_password' WHERE user_email='$email_address'"); $subject = "Auth Code Verification"; $message = " Here is your Auth Code, Auth Code: $random_password Auth Code: $db2_password This is an automated response, please do not reply!"; mail($email_address, $subject, $message, "From: Auth Server<theslcguy@safe-mail.net.com>"); echo "Your Auth Code has been sent! <br /> Please check your email! <br /> Also Allow up to 5 minutes to recieve your Code...<br />"; echo "<br><br>Click <a href='http://auth.site1.com'>here</a> to login"; } else { echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";} } ?> Config.php <?php session_start(); // Start Session header('Cache-control: private'); // IE 6 FIX // always modified header('Last-Modified: ' . gmdate("D, d M Y H:i:s") . ' GMT'); // HTTP/1.1 header('Cache-Control: no-store, no-cache, must-revalidate'); header('Cache-Control: post-check=0, pre-check=0', false); // HTTP/1.0 header('Pragma: no-cache'); // ---------- LOGIN INFO ---------- // $config_email = $POST["user_email"]; $config_authcode = $POST["authcode"]; $cookie_name = 'google-ads123123'; $cookie_time = (3600 * 24 * 30); // 30 days if(!$_SESSION['google-ads123123']) { include_once 'autologin.php'; } ?> I'm making a login/sign up page and the following pieces are not working together properly. When I set up the login page following a guide, it had me direct input the structure and I added a user (password is encrypted). When I log in with that password/username, it passes authentication.php perfectly. When I use my signup form (signup.php is simply called by a button on an HTML), it fails saying "Incorrect Password!". I'd say it's failing because of encryption but it passes with my old login that is encrypted so I'm thoroughly lost. Authentication.php
<?php
session_start();
// Change this to your connection info.
$DATABASE_HOST = 'localhost';
$DATABASE_USER = 'root';
$DATABASE_PASS = 'test';
$DATABASE_NAME = 'login';
// Try and connect using the info above.
$con = mysqli_connect($DATABASE_HOST, $DATABASE_USER, $DATABASE_PASS, $DATABASE_NAME);
if ( mysqli_connect_errno() ) {
// If there is an error with the connection, stop the script and display the error.
die ('Failed to connect to MySQL: ' . mysqli_connect_error());
}
// Now we check if the data from the login form was submitted, isset() will check if the data exists.
if ( !isset($_POST['username'], $_POST['password']) ) {
// Could not get the data that should have been sent.
die ('Please fill both the username and password field!');
}
// Prepare our SQL, preparing the SQL statement will prevent SQL injection.
if ($stmt = $con->prepare('SELECT id, password FROM accounts WHERE username = ?')) {
// Bind parameters (s = string, i = int, b = blob, etc), in our case the username is a string so we use "s"
$stmt->bind_param('s', $_POST['username']);
$stmt->execute();
// Store the result so we can check if the account exists in the database.
$stmt->store_result();
if ($stmt->num_rows > 0) {
$stmt->bind_result($id, $password);
$stmt->fetch();
// Account exists, now we verify the password.
// Note: remember to use password_hash in your registration file to store the hashed passwords.
if (password_verify ($_POST['password'], $password)) {
// Verification success! User has loggedin!
// Create sessions so we know the user is logged in, they basically act like cookies but remember the data on the server.
session_regenerate_id();
$_SESSION['loggedin'] = TRUE;
$_SESSION['name'] = $_POST['username'];
$_SESSION['id'] = $id;
header('Location: dashboard.php');
} else {
echo 'Incorrect password!';
}
} else {
echo 'Incorrect username!';
}
$stmt->close();
}
?>
Signup.php
<?php
// get database connection
include_once '../config/database.php';
// instantiate user object
include_once '../objects/user.php';
$database = new Database();
$db = $database->getConnection();
$user = new User($db);
// set user property values
$user->username = $_POST['uname'];
$user->password = base64_encode($_POST['password']);
$user->created = date('Y-m-d H:i:s');
// create the user
if($user->signup()){
$user_arr=array(
"status" => true,
"message" => "Successfully Signup!",
"id" => $user->id,
"username" => $user->username
);
}
else{
$user_arr=array(
"status" => false,
"message" => "Username already exists!"
);
}
print_r(json_encode($user_arr));
?>
login.php
<?php
// include database and object files
include_once '../config/database.php';
include_once '../objects/user.php';
// get database connection
$database = new Database();
$db = $database->getConnection();
// prepare user object
$user = new User($db);
// set ID property of user to be edited
$user->username = isset($_GET['username']) ? $_GET['username'] : die();
$user->password = base64_encode(isset($_GET['password']) ? $_GET['password'] : die());
// read the details of user to be edited
$stmt = $user->login();
if($stmt->rowCount() > 0){
// get retrieved row
$row = $stmt->fetch(PDO::FETCH_ASSOC);
// create array
$user_arr=array(
"status" => true,
"message" => "Successfully Login!",
"id" => $row['id'],
"username" => $row['username']
);
}
else{
$user_arr=array(
"status" => false,
"message" => "Invalid Username or Password!",
);
}
// make it json format
// print_r(json_encode($user_arr));
if (in_array("Successfully Login!", $user_arr)) {
header('Location: ../../dashboard.html');
}
?>
Hi, I have a problem with my code probably it's authorisation mistake or something. I bought a book PHP6, MySQL, Apache Web Development and I am copying every excercise like it's in the book. If u have this book it's chapter 2, page 63. And here is the exact code from the book. It always says that the user ID or pass is incorrect. Code: [Select] <?php session_start (); $_SESSION['username'] = $_POST['user']; $_SESSION['userpass'] = $_POST['pass']; $_SESSION['authuser'] = 1; //over uzivatelske meno a heslo if ( ($_SESSION['username'] == 'Peter') and ($_SESSION['userpas'] == '12345')) { $_SESSION['authuser'] = 1; } else { echo "Unfortunately you do not have required authorisation to enter this site!"; exit(); } ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Najts oblubeny film!</title> </head> <body> <?php $oblubenyfilm = urlencode('Zivot Briana'); echo '<a href="moviesite.php?oblfilm=$oblubenyfilm\">'; echo 'Dalsie informacie o mojom oblubenom filme!'; echo '</a>' ?> </body> </html> The page is http://www.magicfoto.gigacast.net/test/login.php as you can see ID is "Peter" and pass "12345" If you know what should be wrong pls reply. PS.: I am a begginer so please be patient Thanks Hello,
I have been using cakePHP now for a couple projects now. My next projects involves creating a web service and the entire front-end be built in angularjs.
Now, I understand how 'Form' Authentication works, and have done some research and people tell me if I have an SSL to use Basic Auth, for a web service, which is what I am using. But I am having a problem hooking both up nicely. Now with angular, I have a call for a page and send over the username and password. If the credentials are correct, the server returns back the correct data. The problem is if the credentials are wrong, I get the normal 'Basic Auth' pop up, asking me for my username and password.
My question is, instead of the server trying to re access the same page, is there a way to return json data back?
Example : I have an angular call going to 'cakerest/projects.json' -> Credentials are ok -> Data is returned, and with javascript I console.log it and see it.
2nd time I send the incorrect user and password, and the server responds back with a popup asking for credentials.
How can I get rid of that popup and just return "{Error : 'Credential problem'};
I can post code if that would help as well.
Thank you
Hi.
I am trying to authenticate a mail server from the wordpress user database. Wordpress now uses phpass for password hashing, but it has changed not so long ago. So I would like to use the WP functions, to stay compatible in future releases
There is a possibility in Dovecot, to run a shell script for authentication (checkpassword). So, I thought, this script could start a php scipt, and it would use the WP functions for authentications. I made the php script, and it worked. Then I made the bash script, which runs the php, and it worked too. But when the Dovecot starts the bash script, it gives a PHP error. I am stuck now.
It is a simple Debian Wheezy LAMP, with postfix, dovecot, wordpress.
The PHP code is:
<?php
define('WP_USE_THEMES', false);
require("wp-config.php");
$mail = $argv[1];
$pass = $argv[2];
$con=mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);
$result = mysqli_query($con,"SELECT user_login FROM ".$table_prefix."users WHERE user_email='".$mail."'");
$row = mysqli_fetch_array($result);
$user = $row['user_login'];
mysqli_close($con);
$check = wp_authenticate_username_password(NULL, $user, $pass);
if ( is_wp_error($check) ) {
$ispassok = "1";
} else {
$ispassok = $user;
}
exit ($ispassok);
It gets the email address and the password as an argument, finds out the username, then uses a WP function to check out is it a valid user/pass combination. If it is, then it returns the username, if not, then returns "1".
The bash script is:
#!/bin/bash
# The first and only argument is path to checkpassword-reply binary.
# It should be executed at the end if authentication succeeds.
CHECKPASSWORD_REPLY_BINARY="$1"
# Messages to stderr will end up in mail log (prefixed with "dovecot: auth: Error:")
LOG=/dev/stderr
# User and password will be supplied on file descriptor 3.
INPUT_FD=3
export ISOK
read -d $'\0' -r -u $INPUT_FD USER
read -d $'\0' -r -u $INPUT_FD PASS
#USER=$1
#PASS=$2
ISOK=$(php /var/www/wordpress/proba.php $USER $PASS)
echo "User:"$USER" Pass:"$PASS" IsOK:"$ISOK > /etc/dovecot/out.txt
if [ "$ISOK" = "1" ]; then
exit 1
else
export password="{PLAIN}$PASS"
exec $CHECKPASSWORD_REPLY_BINARY
fi
There is a commented out lines, used for testing. When I run the script manually from shell with email address and cleartext password as arguments, it works as it should. But when the dovecot runs it, then I have an error message in mail log about php error:
Jun 2 21:45:09 NWVK001 dovecot: auth: Error: PHP Fatal error: Out of memory (allocated 5505024) (tried to allocate 12288 bytes) in /var/www/wordpress/wp-includes/link-template.php on line 2909 Jun 2 21:45:09 NWVK001 dovecot: auth: Error: Fatal error: Out of memory (allocated 5505024) (tried to allocate 12288 bytes) in /var/www/wordpress/wp-includes/link-template.php on line 2909I searched around, but couldn't find any help. If there is someone with an idea, I would gladly listen. Thanks. I've got a little php script here at work that used to log into a SSH server and grab some log files and show them in a web browser. Simple stuff. Recently we've changed the login on the servers to use our VPN tokens instead of a password that I pick for my account. We can use authorized keys which works fine for me in putty and I'm trying to set that up because I keep getting prompted for user and password the "old" way.
I'm using ssh2_auth_pubkey_file and been reading the manual about it but I can't seem to get it to work
I make my connection as follows
$connection = ssh2_connect($serverHost, 22, array('hostkey'=>'ssh-rsa'));
Then setup the auth_pubkey. There is no passphrase or anything I use with putty so i left that part out
$result = ssh2_auth_pubkey_file($connection, 'username','/path/to/id_rsa.pub','/path/to/id_rsa');the information in my id_rsa.pub file matches what's in authorized_keys on the server in my username/.ssh dir I'm not 100% what else to check for? Anyone have any tips Thanks This topic has been moved to Application Frameworks. http://www.phpfreaks.com/forums/index.php?topic=353428.0 Hi everyone, this is my first post. i am starting to learn flash and other programs and haven't started on PHP yet. I have purchased a template that i am modifying and the problem i am having is that my server is a windows one and doesn't like the code that i have attached. It is very simple and doesn't offer any protection with strip slashes etc but the real problem is that i need to add the smpt auth. I have tried several lines of code but it doesnt seem to work. I cant change the headers so i am hoping i can get a little help from this community. It is greatly appreciated How do I only redirect the page when index.php is present? Okay, I've read all the rules for Headers...still can't it to execute properly. At the bottom is my code. I basically want to check the database, see if the user is already registered, and redirect as appropriate (there is no HTML on my page, no info sent to the browser). My server doesn't send any error messages. All I get are white screens. Now, if I do the headers_sent()...it tells me that it's sent right after the initial connection with the database. The ONLY way I can get it to redirect, is if I put <?php header("location:index.php?msg=3"); ?> at hte very top, but then I can't evalute...which doesn't help me much. Here is the code (obviously, I have more...but it's sending headers in these lines) <?php $connection = mysql_connect("localhost","####","#####"); if (!$connection){ echo mysql_errno().": ".mysql_error()."<br/>"; exit; } if(!mysql_select_db("prixaurora")){ echo("Database not found<br>"); } My error: Code: [Select] Warning: Cannot modify header information - headers already sent by (output started at /www/zxq.net/w/e/b/webaskius/htdocs/index.php:7) in /www/zxq.net/w/e/b/webaskius/htdocs/functions.php on line 6 Now, I can't quite figure out why it's doing this. The section of code that is causing this problem is above any HTML tags, at the very beginning of the file. <?php include('functions.php'); ?> <link href="style.css" rel="stylesheet" type="TEXT/CSS"> <img src="logo.png" border="0"> <div id="maincontent"> As you can see, the functions that cause this error are at the VERY beginning of my file. This is where they are called within index.php: if(mysql_num_rows($query_verify_login) > 0) { create_cookie(10000, 'user', $username); redirect('index.php'); } else { echo 'Woops! You\'ve entered in the wrong username and password combination!'; } And finally, my functions: <?php //our cookie creator function function create_cookie($time, $name, $data) { setcookie($name, $data, time()+$time); } function redirect($url) { header('Location: '. $url .''); } function get_replies($id) { //set query to find posts that match our id $query_get_replies = mysql_query("SELECT * FROM replies WHERE to = {$id}"); return mysql_num_rows($query_get_replies); } ?> I am trying to do a page redirect using the header() function.
I am aware that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP.
and also that reading code with include, or require, functions, or another file access function, can create spaces or empty lines that are output before header() is called. thus causing a redirect failure.
I have therefore used this output control function (ob_start(); ob_implicit_flush() right at the top of my page.
I am then creating the redirect like this as part of my login() function:
if($user_role == ADMIN_LEVEL || $user_role == EDITOR_LEVEL)
{
if (!headers_sent($filename, $linenum))
{
return header("Location:http://mysite.com/dashboard.php");
exit;
}
else
{
echo "Headers already sent in $filename on line $linenum\n" .
"Cannot redirect\n";
exit;
}
}
Unfortunately I am still getting this error:
Headers already sent in /home/steveoje/public_html/login.php on line 1 Cannot redirectAnd this is what I have at the top of the login.php page:
<?php ob_start();
ob_implicit_flush();
require_once 'includes/config.php';
if(isset($_POST['submit']))
{
login($_POST['username'], $_POST['password']);
}
require_once "includes/header.inc.php" ?>
//other html content
So why would the redirect fail in this instance?
Thanks.
Edited by terungwa, 28 September 2014 - 05:28 AM. |
|||||||