Header not working - code works before and after header

Question

I have following code, a php that checks a username and password (nv_checklogin.php) It includes a config.php which links to a database (storing usernames and passwords).

If I echo the $count right before the header, it outputs "1" on the screen (so i'm sure the link with the database has been made correctly, and the code enters the if-loop). If I add " echo 'a'; " right after the header, it outputs " a ".

What could be wrong? It worked before, I am now updating my mysql-commands into mysqli since my files have been moved by the host, and my site didn't work anymore. There are no blank lines in the config.php file (not after the ?> ).

If I log in on the site, the nv_checklogin.php is called. It now gives me a blank screen instead of redirecting me to nv_frames.php. If I right-click on the screen and check the properties of the page, I can see I am still on the nv_checklogin.php page.

Thanks in advance for your help/information.

(entering a wrong username/password combination also leads to the correct output (verkeerde naam en/of paswoord).

config.php

<?php
// Connection's Parameters
$db_host="localhost";
$db_name="kleinpruts_copp1";
$username="kleinpruts_prono";
$password="xxxx";
$dbtimc = mysqli_connect($db_host, $username, $password, $db_name);
?>

nv_checklogin.php

<?php
session_start();
echo '<link rel="stylesheet" type="text/css" href="nv_style1.css">';
$_SESSION['login']=false;
$_SESSION['gebruiker']='test';
$_SESSION['naam']='test';
$_SESSION['voornaam']='test';
include('config.php');
// username and password sent from form 
$mygebruikersnaam=$_REQUEST['mygebruikersnaam']; 
$mypassword=$_REQUEST['mypassword']; 
// To protect MySQL injection
$mygebruikersnaam = stripslashes($mygebruikersnaam);
$mypassword = stripslashes($mypassword);
$mygebruikersnaam = mysqli_real_escape_string($dbtimc,$mygebruikersnaam);
$mypassword = mysqli_real_escape_string($dbtimc,$mypassword);
$sql="SELECT * FROM deelnemers WHERE gebruikersnaam='$mygebruikersnaam' and paswoord=SHA1('$mypassword')";
$result=mysqli_query($dbtimc,$sql);
$count=0;
// Mysql_num_row is counting table row
$count=mysqli_num_rows($result);
// If result matched $mygebruikersnaam and $mypassword, table row must be 1 row
if($count==1){
  $_SESSION['login'] = true;
  $_SESSION['gebruiker'] = $mygebruikersnaam;
  session_write_close();
  header("Location:nv_frames.php");
  exit();
}       // end else
else {
 echo '<p>Verkeerde naam en/of paswoord!</p>';
}      // end else

it may be because you are echoing Style-Sheet before header(). Try to define stylesheet code below header. — shyammakwana.me, May 06 '14 at 08:26

score 1 · Answer 1 · answered May 06 '14 at 08:16

1

You have an output on echo '<link rel="stylesheet" type="text/css" href="nv_style1.css">'; The header() will not work because there is output already.

answered May 06 '14 at 08:16

Jm Verastigue

408
4
9

score 0 · Answer 2 · answered May 06 '14 at 08:18

I think you have forgot to close your php script on nv_checklogin.php Don't forget to end your file with

?>

You should activate display_errors on apache config file.

I'm not used to mysqli, i do prefer PDO but your cose seems to be ok. If you need mroe help, feel free to PM me.

score 0 · Answer 3 · answered May 06 '14 at 08:20

<?php
session_start(); // dont do this here !
//echo not here after all php
$_SESSION['login']=false;
$_SESSION['gebruiker']='test';
$_SESSION['naam']='test';
$_SESSION['voornaam']='test';
include('config.php');
// username and password sent from form 
$mygebruikersnaam=$_REQUEST['mygebruikersnaam']; 
$mypassword=$_REQUEST['mypassword']; 
// To protect MySQL injection
$mygebruikersnaam = stripslashes($mygebruikersnaam);
$mypassword = stripslashes($mypassword);
$mygebruikersnaam = mysqli_real_escape_string($dbtimc,$mygebruikersnaam);
$mypassword = mysqli_real_escape_string($dbtimc,$mypassword);
$sql="SELECT * FROM deelnemers WHERE gebruikersnaam='$mygebruikersnaam' and paswoord=SHA1('$mypassword')";
$result=mysqli_query($dbtimc,$sql);
$count=0;
// Mysql_num_row is counting table row
$count=mysqli_num_rows($result);
// If result matched $mygebruikersnaam and $mypassword, table row must be 1 row
if($count==1){
  $_SESSION['login'] = true;
  $_SESSION['gebruiker'] = $mygebruikersnaam;
  session_write_close();
  header("Location:nv_frames.php");
  exit();
}       // end else
else {
 echo '<link rel="stylesheet" type="text/css" href="nv_style1.css">';
 echo '<p>Verkeerde naam en/of paswoord!</p>';
}      // end else

for exemple ...

score 0 · Answer 4 · edited May 23 '17 at 12:06

As Jm's answer says it is because you already have an echo before your header.

Functions that send/modify HTTP headers must be invoked before any output is made. Otherwise the call fails:

Warning: Cannot modify header information - headers already sent (output started at file:line)

Some functions modifying the HTTP header are:

Output can be:

Unintentional:
- Whitespace before <?php or after ?>
- UTF-8 Byte Order Mark
- Previous error messages or notices
Intentional:
- print, echo and other functions producing output (like var_dump)
- Raw <html> areas before <?php code.

For more info take a look at this answer.

Ok, thanks a lot everybody! since this page did not need to show something (just check + redirect) i just deleted the first echo (defining the style), and now it works. It didn't realise this was output as well (since it doesn't show anything on the screen). Thanks for the quick responses! — tise79, May 06 '14 at 10:23

Header not working - code works before and after header

4 Answers4