0

Hi I'm making a php page that return to itself when submitting form, but there's a case inside the php that when it's true a header("Location: url") function should be performed.

Is it possible to do so?

        <form action="" method="post">
      <input type="text" name="username" value="" />
        <?php
 if (isset($_POST['submitted'])) {

$username = $_POST['username'];

        $qryS="SELECT * FROM student WHERE ID='$username';";
        $resultS=mysql_query($qryS);
            if($resultS){
            if(mysql_num_rows($resultS)>=1) {

            header("location: studentprofile.php");
            }}
                else {

            echo"<p><small> There was an error</p>";

            }   
}

         ?>
      <input type="submit" name="submitted" value="Submit" /></p>

    </form>
Lamia
  • 49
  • 2
  • 11
  • 1
    You can't make changes to the header after something has already been sent to the buffer. Would need to do it before you output any html or echo anything. – Pitchinnate Apr 03 '13 at 19:43
  • possible duplicate of [Headers already sent by PHP](http://stackoverflow.com/questions/8028957/headers-already-sent-by-php) – user229044 Apr 03 '13 at 19:44
  • Also http://bobby-tables.com/ - Escape database input strings, or if clever, look into prepared statements, which are easier to get right. – mario Apr 03 '13 at 19:47
  • @meagar Thank you so much. Should I delete this one? – Lamia Apr 03 '13 at 19:57

5 Answers5

3

You can not send any headers after you already sent data (HTML). If you move the if-clauses and header() calls to before you output anything - there's no problems.

Clarence
  • 2,944
  • 18
  • 16
  • 2
    Or just do it properly and and separate that kind of logic from the view. However that answer would have to be rather lengthy to be constructive and probably would not be used anyways. – Clarence Apr 03 '13 at 19:46
0

Yes, it is possible (so long as no output is sent to the browser -- you can use output buffering in your case). You just have to ensure that the logic prevents a redirect loop.

Michael
  • 11,912
  • 6
  • 49
  • 64
0

You should use header("location: studentprofile.php"); before anything. Use it at the top of your file, before the html tags.

Hugo Dozois
  • 8,147
  • 12
  • 54
  • 58
Mehdi Yeganeh
  • 2,019
  • 2
  • 24
  • 42
  • You mean I separate my php? can the if statement be in 2 parts? cause there's an echo inside that if needed to be performed when there's no result – Lamia Apr 03 '13 at 19:54
0
<?php
if (isset($_POST['submitted'])) {

    $username = mysql_real_escape_string($_POST['username']);

    $qryS = "SELECT * FROM student WHERE ID='$username'";
    $resultS = mysql_query($qryS);

    // changed to == 1, you probably only want to select one record
    if(mysql_num_rows($resultS) ==1) {
        header("location: studentprofile.php");
    } else {
        echo"<p><small> There was an error</p>";
    }
}
?>

<form action="?submitted" method="post">
<input type="text" name="username" value="" />
<input type="submit" name="submitted" value="Submit" /></p>
</form>
Brian Kerr
  • 411
  • 3
  • 14
  • What about the message I want to print before the submit button? – Lamia Apr 03 '13 at 19:55
  • You can print any kind of message as long as you are not trying to manipulate the headers. The header call must come before any HTML outputted to the page. – Brian Kerr Apr 03 '13 at 19:59
-1

You can use JavaScript.

For example:

<?php
...
if(mysql_num_rows($resultS)>=1) {
    ?>
    <script>
    window.location = 'studentprofile.php';
    </script>
    <?php
}}
user229044
  • 232,980
  • 40
  • 330
  • 338
denisko
  • 94
  • 1
  • 4
  • 1
    You *can* use JavaScript, but you shouldn't. The underlying HTTP protocol supports redirection, and that's the place where redirection should take place. This is an abuse of JavaScript. – user229044 Apr 04 '13 at 01:28
  • yes it is abuse javascript, but this method also need to know – denisko Apr 12 '13 at 11:56