?
Solved

redirect to another page

Posted on 2008-10-15
20
Medium Priority
?
327 Views
Last Modified: 2010-04-21
i have some PHP script that i need to authenticate a user and if a session is empty to redirect the user to another page



HERE IS MY CODE
<?php
session_start(); 
//if the session is registered to a valid user then show content 
if ($_SESSION["Username"])
 { 
print "Welcome      ".$_SESSION["Username"]."".$HTTP_SESSION_VARS["initial"].
" $surname<br>";
echo date("l, F d, Y h:i" ,time());
echo "";
echo "  Your IP Address ";
echo $_SERVER["REMOTE_ADDR"];
} 
//not registered session 
else
{ 
echo "What are you doing here";
} 
//var_dump($_SESSION);
?>

Open in new window

0
Comment
Question by:Chris Jones
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 6
  • 4
20 Comments
 
LVL 82

Expert Comment

by:hielo
ID: 22722525
try:
<?php
session_start(); 
//if the session is registered to a valid user then show content 
if ($_SESSION["Username"])
 { 
print "Welcome      ".$_SESSION["Username"]."".$HTTP_SESSION_VARS["initial"].
" $surname<br>";
echo date("l, F d, Y h:i" ,time());
echo "";
echo "  Your IP Address ";
echo $_SERVER["REMOTE_ADDR"];
} 
//not registered session 
else
{ 
	header("Location: otherpage.php");
	exit;
} 
//var_dump($_SESSION);
?>

Open in new window

0
 
LVL 1

Author Comment

by:Chris Jones
ID: 22722645
still stays at the same page ?
0
 
LVL 11

Expert Comment

by:AlexanderR
ID: 22722753
hielo's suggestion is fine, but only if you have no output (not even a blank space) generated by php before line 16.
Make sure there is no output at all before that.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 82

Expert Comment

by:hielo
ID: 22722956
change:
if ($_SESSION["Username"])

to:
if ( isset($_SESSION["Username"]) && !empty($_SESSION['Username']) )
0
 
LVL 1

Author Comment

by:Chris Jones
ID: 22723785
AlexanderR:

so will this cause the problem
<?php
session_start(); 
//if the session is registered to a valid user then show content 
if ($_SESSION["Username"])
 { 
print "Welcome      ".$_SESSION["Username"]."".$HTTP_SESSION_VARS["initial"].
" $surname<br>";
echo date("l, F d, Y h:i" ,time());
echo "";
echo "  Your IP Address ";
echo $_SERVER["REMOTE_ADDR"];
} 
//not registered session 
else
{ 
echo "What are you doing here";
	header("Location: members.php");
} 
//var_dump($_SESSION);
?>

Open in new window

0
 
LVL 82

Expert Comment

by:hielo
ID: 22723925
>>so will this cause the problem
Not sure how that is different from your original code, which you already know does not work. You need to make sure the SESSION variable is valid or else redirect:
<?php
session_start();
 
//if the session is registered to a valid user then show content 
if( isset($_SESSION["Username"]) && !empty($_SESSION["Username"]) )
{ 
	echo "Welcome      ".$_SESSION["Username"]."".$HTTP_SESSION_VARS["initial"]." $surname<br>";
	echo date("l, F d, Y h:i" ,time());
	echo "";
	echo "  Your IP Address ";
	echo $_SERVER["REMOTE_ADDR"];
} 
//not registered session 
else
{ 
	header("Location: otherpage.php");
	exit;
} 
?>

Open in new window

0
 
LVL 1

Author Comment

by:Chris Jones
ID: 22723964
sorry i mean

AlexanderR:
POSTED "hielo's suggestion is fine, but only if you have no output (not even a blank space) generated by php before line 16.
Make sure there is no output at all before that."
0
 
LVL 1

Author Comment

by:Chris Jones
ID: 22723980
the session varables are valid i am printing the user name ou to the screen and i also did a
var_dump($_SESSION);
witch gives me all my values
0
 
LVL 1

Author Comment

by:Chris Jones
ID: 22724085
hielo:

this did not work


if ( isset($_SESSION["Username"]) && !empty($_SESSION['Username']) )
 { 
print "Welcome      ".$_SESSION["Username"]."".$HTTP_SESSION_VARS["initial"].
" $surname<br>";
echo date("l, F d, Y h:i" ,time());
echo "";
echo "  Your IP Address ";
echo $_SERVER["REMOTE_ADDR"];
} 
//not registered session 
else
{ 
echo "What are you doing here";
	header("Location: members.php");
} 

Open in new window

0
 
LVL 82

Expert Comment

by:hielo
ID: 22724302
If your page is to redirect, you CANNOT send output to the browser. So this will NOT work:
echo "What are you doing here";
header("Location: members.php");

because the echo sends output to the browser so the redirection will be canceled. Get rid of the echo statement.
0
 
LVL 1

Author Comment

by:Chris Jones
ID: 22724469
ok this just gives me a blank page and does not redirect to another page
0
 
LVL 82

Expert Comment

by:hielo
ID: 22724564
try using the full url to the page and follow it with exit:
...
else
{
 header("Location: http://www.yoursite.com/some/directory/members.php");
 exit;
}
0
 
LVL 1

Author Comment

by:Chris Jones
ID: 22724784
this still did not work  it bombs on the if statement it only shows half the screen
0
 
LVL 82

Expert Comment

by:hielo
ID: 22724898
>>it bombs on the if statement it
What is "bombs" to you? Are saying it is going into the if clause but having problems there?

Try changing:
$HTTP_SESSION_VARS["initial"]

to:
$_SESSION["initial"]
0
 
LVL 11

Accepted Solution

by:
AlexanderR earned 2000 total points
ID: 22726974
I suggest we isolate the problem to be sure if its something with SESSION variables logic or having an output before the header.  This is an alternative way to redirect using javascript.  If it works, then there is a problem with an output before header function.  If it does not, then its with SESSION.


<?php
session_start(); 
//if the session is registered to a valid user then show content 
if ($_SESSION["Username"])
 { 
print "Welcome      ".$_SESSION["Username"]."".$HTTP_SESSION_VARS["initial"].
" $surname<br>";
echo date("l, F d, Y h:i" ,time());
echo "";
echo "  Your IP Address ";
echo $_SERVER["REMOTE_ADDR"];
} 
//not registered session 
else
{ 
echo '<script language="text/javascript">
window.location = "members.php";
</script>';
} 
//var_dump($_SESSION);
?>

Open in new window

0
 
LVL 1

Author Comment

by:Chris Jones
ID: 22727361
this did not fix the problem it just gave me a blank page it did not redirect it allowed me in the page
0
 
LVL 11

Expert Comment

by:AlexanderR
ID: 22727409
so sorry for this round about discussion.

I made a slight mistake
echo '<script language="text/javascript">
should be
echo '<script type="text/javascript">
0
 
LVL 1

Author Comment

by:Chris Jones
ID: 22730798
ok this worked great
0
 
LVL 1

Author Closing Comment

by:Chris Jones
ID: 31506354
i finally got help with this problem great help thanks guys
0
 
LVL 11

Expert Comment

by:AlexanderR
ID: 22735328
I am glad that my suggestion worked, but you should NOT use it for something as serious as validating a user, because all they have to do is turn their JS off and they are in.

This was just a trouble shooting step.  Because my example worked, we know SESSION variables are OK and if statements are OK. The problem is now that you have some sort of output going before "header" function.

I strongly suggest that you thoroughly check all of your code to make sure that there is not even a blank space escaping the server before "header" is called.  There should be nothing, no spaces, between or after ?> signs.
0

Featured Post

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question