[RESOLVED] How can I solve this Header redirection issues?
Hi,
I need help to figure out what I am doing wrong with header("location: page_to_load"). In local, the redirection works without problems. When I test online on a free server (p4o.net), it works fine; but when I test it on the paid server (mediaserve.com), the redirect loads a blank page.
After the blank page is loaded, I manually load the protected page (MyAccount.php) and all the information were displayed successfuly. I logged out and signed in with wrong credential. The result is a blank page. I manually loaded MyAccount.php again and I had "Access denied". I then concluded that the redirection deos not work. Is there any work arround for this situation? Please help.
Thanks
Login.php
login_handler.phpCode:<form id="login" method="POST" action="handlers/login_handler.php"> <strong>Username</strong> <input name="TextBoxEmailAdress" type="text" id="TextBoxEmailAddress" /> <strong>Password</strong> <input name="TextBoxPassword" type="password" id="TextBoxPassword" /> <input name="ButtonSubmit" value="Login" id="ButtonSubmit" type="submit" /> </form>
Code:<?php ob_start(); //Start session session_start(); //Include database connection details require_once('../includes/WebConfig.php'); //Array to store validation errors $errmsg_arr = array(); //Validation error flag $errflag = false; //Function to sanitize values received from the form. Prevents SQL injection function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } //Sanitize the POST values $Var_EmailAddress = clean($_POST['TextBoxEmailAddress']); $Var_Password1 = clean($_POST['TextBoxPassword']); //Input Validations if($Var_EmailAddress== '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($Var_Password1== '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } //If there are input validations, redirect back to the login form if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: ../index.php?PageId=login"); exit(); } //Create query $Var_Password1 = md5($Var_Password1); $query="SELECT * FROM $tbl_member WHERE EmailAddress='$Var_EmailAddress' AND Password1='$Var_Password1'"; $result=mysql_query($query); //Check whether the query was successful or not if($result) { if(mysql_num_rows($result) == 1) { //Login Successful session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['Member_Id']; $_SESSION['SESS_FIRST_NAME'] = $member['FirstName']; $_SESSION['SESS_LAST_NAME'] = $member['LastName']; $_SESSION['SESS_EMAIL_ADDRESS'] = $member['EmailAddress']; $_SESSION['SESS_ADMIN_ROLE'] = $member['AdminRole']; $_SESSION['SESS_CONTRIB_EMAIL'] = ""; session_write_close(); header("location: ../MyAccount.php"); exit(); } else { //Login failed header("location: ../index.php?PageId=login-failed"); exit(); } } else { //echo "mysql error: " .mysql_error(); //echo "<br> mysql error number: " .mysql_errno(); //die("Query failed"); //Login failed header("location: ../index.php?PageId=login-failed"); } ?>
Reply With Quote
