-3

Possible Duplicate:
Headers already sent by PHP

Greets All... I am new to PHP and i am trying to make a login page .the problem which i am facing is the header in If condition gives me error and so i cant redirect to the next page if $reg and $password matches with that in database. secondly do you think that its the best way which i am doing in this code? sorry for my bad english Here is my code..

<?php

$reg=$_POST["reg"];
$password=$_POST["pwrd"];

$result=mysql_query("Select * from student where reg='$reg' and password='$password'");



if(!$result){
    die('errrrrrrrrrrrrror'.mysql_error());
}



while ($row = mysql_fetch_array($result)) {
    $db_reg=$row['reg'];
    $db_password=$row['password'];

}
if(isset($_POST['login'])){

 if($reg!=$db_reg || $password!=$db_password){
   echo 'login failed';    

}
//else if($reg=="" || $password!=""){
//  echo 'empty';
//}  
    else if($reg==$db_reg && $password==$db_password){

    header("Location:welcome.php");
    //echo 'weclome here'." ".$reg;


    }

}
?>
Community
  • 1
  • 1
shahzad khan
  • 21
  • 1
  • 1
  • 6
  • 7
    Stop working on this code and read up about [SQL injection attacks](http://bobby-tables.com). – Marc B Oct 11 '12 at 18:54
  • 3
    Also read the big red box on the [documentation pages](http://php.net/mysql_query) for the functions you are using. – Quentin Oct 11 '12 at 18:55
  • Also read about [how to store passwords](https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet) (and also [the FAQ on the subject in the PHP documentation](http://php.net/manual/en/faq.passwords.php)). – Quentin Oct 11 '12 at 18:56
  • Additionally, I'd suggest this piece, a good overview of best practices in PHP: http://www.phptherightway.com/ – graup Oct 11 '12 at 18:58

1 Answers1

0

you can't echo after sending headers out.

move the welcome msg to welcome.php and exit after header function

header("Location: welcome.php");
exit();
iamvaruns
  • 83
  • 1
  • 7
  • thx for paying attention to my problem.. the error which i get is --> Cannot modify header information - headers already sent by (output started at C:\wamp\www\project\std_login\index.php:9) in C:\wamp\www\project\std_login\index.php on line 161 – shahzad khan Oct 11 '12 at 19:51
  • yes because u can't echo after or before the headers are sent add an exit(); after your header function – iamvaruns Oct 11 '12 at 22:08