PDA

Click to See Complete Forum and Search --> : Header error when refreshing page...

dlwillia
09-01-2005, 04:17 PM
I'm working on a login form-handler for my user log-in, and when I test it out I get an error saying that the header information cannot be changed. The error point out to the code where I have this " { header ("Location:$HTTP_REFERER"); exit(); }"...here's the complete code:


<?php
#if either form field is empty return to the log-in page
if( (!$username) or (!password) )
{ header ("Location:$HTTP_REFERER"); exit(); }

#connect to MySQL
$conn = @mysql_connect("mysql63.secureserver.net","fxc_users","exchange")
or die("Could not connect");

#select the specified database
$rs = @mysql_select_db("fxc_users", $conn)
or die("Could not slect database");

#create the SQL query
$sql = "select * from users where user_name=\"$username\" and password = password( \"$password\" )";

#execute the query
$rs = mysql_query($sql, $conn)
or die("Could not exceute query");

#get number of rows that match usernaem and password
$num = mysql_numrows($rs);

#if there is a match the log-in is authenticated
if($num != 0 )
{ $msg = "Welcome $username - your log-in is succeeded!"; }
else #or return to the log-in page
{ header ("Location:$HTTP_REFERER"); exit(); }
?>


<html><head> <title>Futurexchange - Log-in Successful</title>
</head>

<body>

<?php echo($msg); ?>
</body>
</html>

Any suggestions?
bokeh
09-01-2005, 04:27 PM
<?php
ob_start();
#if either form field is empty return to the log-in page
if( (!$username) or (!password) )
{ header ("Location:$HTTP_REFERER"); exit(); }

#connect to MySQL
$conn = @mysql_connect("mysql63.secureserver.net","fxc_users","exchange")
or die("Could not connect");

#select the specified database
$rs = @mysql_select_db("fxc_users", $conn)
or die("Could not slect database");

#create the SQL query
$sql = "select * from users where user_name=\"$username\" and password = password( \"$password\" )";

#execute the query
$rs = mysql_query($sql, $conn)
or die("Could not exceute query");

#get number of rows that match usernaem and password
$num = mysql_numrows($rs);

#if there is a match the log-in is authenticated
if($num != 0 )
{ $msg = "Welcome $username - your log-in is succeeded!"; }
else #or return to the log-in page
{ header ("Location:$HTTP_REFERER"); exit(); }
?>