Caiapfas
asked on
php script issue. cant send header information?
ok...
If a user goes to login.php then tries to bypass the page and go directly to lockedpage.php it gives errors on lockedpage.php
You have not been logged in
Warning: Cannot add header information - headers already sent by (output started at lockedpage.php:4) in lockedpage.php on line 5
instead of redirecting to the right page?
But if you don't goto login.php and try to go directly to lcokedpage.php it works and redirects you.
how can i fix this? meaning even if they goto login.php then try to by pass..it works right and redirects
login.php================= =======
<?php
$show_form = true;
if ($_POST['user']) {
$given_user = $_POST['user'];
$given_pass = $_POST['pass'];
$htpasswd = '.htpasswd';
$lines = file($htpasswd);
$login_good = false;
$login_untested = false; //This is the first visit to the page,
//no attempt has been made to login
foreach ($lines as $line) {
list($user, $pass) = preg_split("/\:/", $line);
$pass = trim($pass);
if ($given_user == $user) {
if (crypt($given_pass, $pass) == $pass) {
$login_good = true;
$show_form = false;
break;
}
}
}
} else {
$login_untested = true;
}
if ($show_form) {
?>
<?
if (isset($_REQUEST[errmsg]))
{?>
<center><strong><font color="red"><? echo $_REQUEST[errmsg]; ?></font></strong></center >
<? } ?>
<form action="<? echo $PHP_SELF; ?>" method=post>
<div align=center>
<center>
<table border=0 cellpadding=0 cellspacing=0 style=border-collapse: collapse bordercolor=#111111 width=300 height=1>
<tr>
<td width=105 height=1>
<b><font face=Verdana size=2>User Name: </font></b>
</td>
<td width=195 height=1> <input name=user size=20></td>
</tr>
<tr>
<td width=105 height=22><b><font face=Verdana size=2>Password:
</font></b></td>
<td width=195 height=22> <input type=password name=pass size=20></td>
</tr>
<tr>
<td width=105 height=26> </td>
<td width=195 height=26>
<input type=submit value=Enter></td>
</tr>
</table></center>
</div>
</form>
<?php
}
if ($login_good) {
$_SESSION['logged_on'] = true;
header("Location: https://www.mydomain.com/lockedpage.php"); //set this URL to where you wish to redirect
exit;
} elseif (!$login_untested) {
// header("Location: https://www.mydomain.com/?errmsg=You must login");
echo "<center><b><font color=red>Username or Password incorrect</font></b></cent er><br />";
session_unset();
}
?>
</body>
</html>
========================== ========== ====
lockedpage.php============ =====
<?php
session_start();
if(!$_SESSION['logged_on'] ){
echo "You have not been logged in";
header("Location: https://www.mydomain.com/?errmsg=You must login");
//include "login.php";
exit();
}
?>
========================== ========== =
If a user goes to login.php then tries to bypass the page and go directly to lockedpage.php it gives errors on lockedpage.php
You have not been logged in
Warning: Cannot add header information - headers already sent by (output started at lockedpage.php:4) in lockedpage.php on line 5
instead of redirecting to the right page?
But if you don't goto login.php and try to go directly to lcokedpage.php it works and redirects you.
how can i fix this? meaning even if they goto login.php then try to by pass..it works right and redirects
login.php=================
<?php
$show_form = true;
if ($_POST['user']) {
$given_user = $_POST['user'];
$given_pass = $_POST['pass'];
$htpasswd = '.htpasswd';
$lines = file($htpasswd);
$login_good = false;
$login_untested = false; //This is the first visit to the page,
//no attempt has been made to login
foreach ($lines as $line) {
list($user, $pass) = preg_split("/\:/", $line);
$pass = trim($pass);
if ($given_user == $user) {
if (crypt($given_pass, $pass) == $pass) {
$login_good = true;
$show_form = false;
break;
}
}
}
} else {
$login_untested = true;
}
if ($show_form) {
?>
<?
if (isset($_REQUEST[errmsg]))
{?>
<center><strong><font color="red"><? echo $_REQUEST[errmsg]; ?></font></strong></center
<? } ?>
<form action="<? echo $PHP_SELF; ?>" method=post>
<div align=center>
<center>
<table border=0 cellpadding=0 cellspacing=0 style=border-collapse: collapse bordercolor=#111111 width=300 height=1>
<tr>
<td width=105 height=1>
<b><font face=Verdana size=2>User Name: </font></b>
</td>
<td width=195 height=1> <input name=user size=20></td>
</tr>
<tr>
<td width=105 height=22><b><font face=Verdana size=2>Password:
</font></b></td>
<td width=195 height=22> <input type=password name=pass size=20></td>
</tr>
<tr>
<td width=105 height=26> </td>
<td width=195 height=26>
<input type=submit value=Enter></td>
</tr>
</table></center>
</div>
</form>
<?php
}
if ($login_good) {
$_SESSION['logged_on'] = true;
header("Location: https://www.mydomain.com/lockedpage.php"); //set this URL to where you wish to redirect
exit;
} elseif (!$login_untested) {
// header("Location: https://www.mydomain.com/?errmsg=You must login");
echo "<center><b><font color=red>Username or Password incorrect</font></b></cent
session_unset();
}
?>
</body>
</html>
==========================
lockedpage.php============
<?php
session_start();
if(!$_SESSION['logged_on']
echo "You have not been logged in";
header("Location: https://www.mydomain.com/?errmsg=You must login");
//include "login.php";
exit();
}
?>
==========================
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER