-2
<html>
<head>
<link href="themes/home/style_home.css" rel="stylesheet" type="text/css" media="screen" />
<title>Bulacan</title>
<style type="text/css">
.style11 {color: #0B9FCA}
.style13 {font-family: Arial, Helvetica, sans-serif; font-size: 16px; color: #000000; }
</style>
</head>
<body>
<div id="header">
    <div id="menu">
        <ul>
            <li class="current_page_item"><a href="index.php">Back</a></li>
        </ul>
    </div>
</div>
<div id="logo">
</div>
<!-- end header -->
<div id="text">
<p><?php
session_start();
$idS= session_id();
$id2 = $idS;
$id = $_SESSION['id3']=$id2;
$link = mysql_connect('ipage', '*username*', '*password*');
if (!$link) {
    die('Could not connect: ' . mysql_error());
}
mysql_select_db(dbwebsite);

$fromUser=$_POST['txtuser'];
$fromPass=$_POST['txtpass'];

$_SESSION['user'] = $fromUser;

$sql="Select * from reg_members where username='$fromUser'";
$result=mysql_query($sql);

if(!$id){
        echo "no session!";}
        else{
    if(!$fromUser || !$fromPass){
        echo '<center><h1>Either username or Password is Incorrect<h1><p/>';
        session_destroy();
        }
        else
        {
        if($result){
            $row=mysql_fetch_array($result);
            $username=$row['username'];
            $password=$row['password'];
            if($fromUser==$username && $fromPass==$password){
                header("refresh: 1; index_home.php");
                echo "<center><h1>Please wait a second.....</h1><p/>";}
            elseif($fromUser=='administrator' && $fromPass=='admin123'){
                header("refresh:1;user_admin.php");
                echo "<center><h1>Please wait a second.....</h1><p/>";}
                               else{
                echo '<center><h1>Log in failed</h1><p/>';
                session_destroy();
                }
        }
    }
}
?></p>
</div>
<div id="footer">
</div>
</html>

"this is my code. i really don't know what to do i've searched so many solutions but i really can't figure out whats wrong. Its my first time putting my website on the web. need some help please please please"

user2819919
  • 35
  • 2
  • 4
  • When you say "not working", what exactly do you mean? What happens? Do you get any error messages? – Chris Herbert Sep 26 '13 at 14:44
  • 1
    Prevent any output before `header()` function call. – BlitZ Sep 26 '13 at 14:44
  • 6
    There is no way this code could EVER have worked, unless your development environment had output buffering enabled from the get-go. – Marc B Sep 26 '13 at 14:45
  • [**Please, don't use `mysql_*` functions in new code**](http://bit.ly/phpmsql). They are no longer maintained [and are officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). See the [**red box**](http://j.mp/Te9zIL)? Learn about [*prepared statements*](http://j.mp/T9hLWi) instead, and use [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli) - [this article](http://j.mp/QEx8IB) will help you decide which. If you choose PDO, [here is a good tutorial](http://j.mp/PoWehJ). – h2ooooooo Sep 26 '13 at 14:49
  • What h2ooooooo said. Also, you have an sql injection vulnerability. – adhominem Sep 26 '13 at 15:04

2 Answers2

0

You cannot send header after using echo or print functions. See http://php.net/manual/en/function.header.php

"Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP. It is a very common error to read code with include, or require, functions, or another file access function, and have spaces or empty lines that are output before header() is called. The same problem exists when using a single PHP/HTML file."

Do your research before to post on here, it just irritates people.

Edward
  • 1,806
  • 5
  • 26
  • 36
0

In short, you can't send anything out to the browser before sending any kind of HTTP HEADER, which is how session_*() calls work. Put the PHP code related to sessions and headers at the top of the file, at the very least, to approach a working solution.

Output buffering is another potential solution, but it's "doing it the hard way". Just re-arrange your code and things will move much more smoothly.

BrianH
  • 2,140
  • 14
  • 20