php header method does not redirect

Question

Possible Duplicate:
PHP 5.3 does not display error messages
Headers already sent by PHP

I have a main.php file. It loads my header, body and footer parts. Body part is flexible. in my index page, the site decides the active page, so in the main file, the active pages body method works. In login page, I check the user and if it is valid I want to redirect to another page. The problem occurs on this case.

index.php:

if(isset($_GET["page"]))
{

    $jsPages.="\n\t<script src='pages/".$_GET["page"]."/resources/".$_GET['page'].".js' type='text/javascript' charset='utf-8'></script>";
    $cssPages.="\n\t<link rel='stylesheet' href='pages/".$_GET['page']."/resources/".$_GET['page'].".css' type='text/css' media='screen' title='no title' charset='utf-8'/>";
    include("pages/". $_GET["page"] ."/_index.php");
}
include("template/$Template/_index.php");

_index.php(main)

<html xmlns="http://www.w3.org/1999/xhtml"> 
<head>
</head>
<body">
        <div ><?php userpanel(); ?></div>                   
    <div id="header"><?php pageHeader(); ?></div>
    <div id="horiz-menu" class="splitmenu"><?php horizmenu();?></div>
    <div id="sub-menu"></div>
    <?php body();?>
    <div id="bottom-menu"></div>
    <div id="footer"><?php footer();?></div>
</body>
</html>
<?php 

login.php:

<?php
function body(){

  if ($_SERVER["REQUEST_METHOD"] == "POST")
  {
  if (!$_POST["username"] || !$_POST["password"])
        {
        die("You need to provide a username and password.");
        }

  // username and password sent from Form 
$myusername=addslashes($_POST['username']); 
$mypassword=addslashes($_POST['password']); 

$sql="SELECT id FROM members WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
$row=mysql_fetch_array($result);
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1)
{
session_register("myusername");
$_SESSION['login_user']=$myusername;
header("location: pages/welcome/_index.php");
exit();
}
else 
{
$error="Your Login Name or Password is invalid";
}
}
?>
<form action="" method="post">
<label>UserName :</label>
<input type="text" name="username"/><br />
<label>Password :</label>
<input type="password" name="password"/><br/>
<input type="submit" value=" Submit "/><br />
</form>
<?php }

I search it but could not find any answer. How can I fix it or what is the problem?

Answer 1

header() should only be called before any HTML is rendered onto the page.

Answer 2

You can't use header after you already sent some data to client. You must put your check on top of your page, before even or anything else is sent.

From: http://php.net/manual/en/function.header.php

Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP.

Answer 3

Also, you might want to take note of this. The script relies on a function that has been removed from modern PHP. Please see the large red warning label on this web page.

http://php.net/manual/en/function.session-register.php

You may be able to read this article. It shows some of the common design patterns used for PHP client authentication.

http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_2391-PHP-login-logout-and-easy-access-control.html

Best regards, ~Ray

Answer 4

You can add ob_start() to the top of your PHP scripts. This will allow you to issue the header() even if you have already started creating the browser output stream. It will also make your scripts faster, since the repeated calls to send browser output will be avoided, with only a single call being made at the end of the script.