We value your feedback.
Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!
Course Of The Month
9 days, 21 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Checking login and redirecting to new header from an included part of the page causes header already sent error
Posted on 2008-06-16
Hey
Well the story is my index page calls a header, cell and footer. The cell being the changing element. I'm now adding member only pages and don't know how to protect the page from unauthorised access.
I use this..
<?php
session_start();
if( @$_SESSION['auth'] !="yes")
{header("Location: ../index.php?cellname=page
exit();
}
?>
and I call it at the start of the cell file that requires protection. Problem is I get errors regarding the header already being sent.
So any ideas on a better way to structure my page. I have offcourse considered sending logged in users to a new php file totally but once again I would want to use cells in that page. If those cell files exist back to square one they will simply be accessed view the original and free to access index.
Only option is whole range of pages created for users only!
thanks for any advice
Well the story is my index page calls a header, cell and footer. The cell being the changing element. I'm now adding member only pages and don't know how to protect the page from unauthorised access.
I use this..
<?php
session_start();
if( @$_SESSION['auth'] !="yes")
{header("Location: ../index.php?cellname=page
exit();
}
?>
and I call it at the start of the cell file that requires protection. Problem is I get errors regarding the header already being sent.
So any ideas on a better way to structure my page. I have offcourse considered sending logged in users to a new php file totally but once again I would want to use cells in that page. If those cell files exist back to square one they will simply be accessed view the original and free to access index.
Only option is whole range of pages created for users only!
thanks for any advice
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3 Comments
If you are getting errors regarding the headers already being sent, make sure that you are calling the header function before any thing is printed to the browser.
>> Problem is I get errors regarding the header already being sent.
You're getting that message because you are trying to modifiy the browser headers after they have already been sent. You should be putting it before your HTML.
<?PHP
session_start();
if( @$_SESSION['auth'] !="yes")
{header("Location: ../index.php?cellname=page
exit();
}
?>
<html>
...
</html>
Creating a "user/members only area" is no more complicated than your cell approach and in the long term more desirable (think of expansion).
For security store the session_id() in a database table on the server and a cookie on the client. When the user is authenticated, the database table is populated with the user name and session_id() and the cookie with the same. When a new page is accessed, do a check on the database table that the current user and session_id() match with that of the cookie.
You're getting that message because you are trying to modifiy the browser headers after they have already been sent. You should be putting it before your HTML.
<?PHP
session_start();
if( @$_SESSION['auth'] !="yes")
{header("Location: ../index.php?cellname=page
exit();
}
?>
<html>
...
</html>
Creating a "user/members only area" is no more complicated than your cell approach and in the long term more desirable (think of expansion).
For security store the session_id() in a database table on the server and a cookie on the client. When the user is authenticated, the database table is populated with the user name and session_id() and the cookie with the same. When a new page is accessed, do a check on the database table that the current user and session_id() match with that of the cookie.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
Originally, this post was published on Monitis Blog, you can check it
here
.
In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing.
Set up your basic HTML file. Open your form tag and set the method and action attributes.:
(CODE)
Set up your first few inputs one for the name and …
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month9 days, 21 hours left to enroll
623 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.