1

I've checked and re checked and I don't know what I'm doing wrong. No errors are showing up, it just directs me no where after I submit a login page.. any suggestions?

header:

    <html>
<head>
<title><?php echo $title; ?></title>
<style type ="text/css">


#top_links  a:link, a:visited{
    width: 100%;
    display: block;
    font-weight: bold;
    color: #FFFFFF;
    background-color: black;
    text-align: center;
    padding: 4px;
    text-decoration: none;
    text-transform: uppercase;
    border: none;
    font-family: "Trebuchet MS", Helvetica, sans-serif;
}

#top_links ul{
    display: table-row;
}

#top_links li{
    display: table-cell;
    margin: 0;
}

#top_links a:hover {
    color: pink;

}

</style>
</head>

<body<div id="top_links">
<ul>
    <li><a href="REGISTRATION_FORM&HANDLE.php">Register</a></li>
    <li><a href="LOGIN.php">Login</a></li>
</ul>
</div>

LOGIN.php file:

<?php

require_once('../../../secure_files/mysql_connect.php');
$title = 'Login';
include_once('header.php');
if(isset($_POST['validate'])) {
    $errors = array();
    function validate_func($value, $msg, $val_type) {
        global $link;
        switch ($val_type) {
            case 'string':
                if(empty($value)){
                    $errors[] = "You forgot to enter your email ".$msg;
                }else{
                    $value = mysqli_real_escape_string($link, trim($value));
                }
                break;

            case 'password':
                if(empty($value)) {
                    $errors[] = "You forgot to enter your email ".$msg;
                }else{
                    $value = trim($value);
                }
                break;
            case 'number':
                if(!isset($value)||!is_numeric($value)) {
                    $error[] = "You forgot to enter ".$msg." or the value you entered is not a number.";
                }else{
                    $value = trim($value);
                }
                break;
        }
        return $value;
    }

    $email = validate_func($_POST['email'], "email", "string");
    $password = validate_func($_POST['password'], "password", "password");  
    if(!count($errors) != 0){
            foreach($errors as $value) {
                echo $value." <br />";
            }
    }else {
        $select_guest = "SELECT GUEST_INFO_ID FROM GUEST_INFO WHERE EMAIL = '$email' AND PASSWORD = sha1('$password') LIMIT 1";
        $exec_select_guest = @mysqli_query($link, $select_guest);
            if(mysqli_num_rows($exec_select_guest) != 1) {
                echo "You are not an authentic user, you are being directed to the registration page...";
                mysqli_close($link);
                header("Refresh:3; url='REGISTRATION_FORM&HANDLE.php'");
            }else{
                $one_record = @mysqli_fetch_row($exec_select_guest);
                setcookie('GUEST_INFO_ID', $one_record[0], 0, '/', '', 0, 0);
                echo "You are an authentic user";
                header("Refresh:3; url='GUEST_MAIN_MENU.php'");             
            }
    }

} else{
?>
    <div id="LOGIN_MAIN">
        <form action="<?php echo $_SERVER['PHP_SELF'];?>" method = "post" >

            <div>
            Email:<input type="text" name="email"  id="email"  />
            </div>

            <div>
            Password:<input type='password' name='password' id='password' />
             </div>

             <div>
            <input type='submit' name='submit' id='submit' value='Submit' />
            <input type='reset' name='reset' id='reset' value='Reset' />    
            <input type="hidden" name="validate" ID="validate" value="Reset" />
            </div>

        </form>

    </div>

<?php
}

include('footer.php');
?>

and my footer:

</body>
</html>
rabbitinred
  • 13
  • 2
  • Possible duplicate of [How to fix "Headers already sent" error in PHP](http://stackoverflow.com/questions/8028957/how-to-fix-headers-already-sent-error-in-php) – Jocelyn Nov 25 '15 at 01:31

1 Answers1

0

The reason is, that you echoed something before you set the headers.

Any header MUST be before any other output to be valid.
See the php-manual for header()

So remove

echo $value." <br />";
echo "You are not an authentic user, you a...";

or any output before the header-redirection and it'll work!

If you want to redirect AFTER the user has seen the response, you will have to work with a javascript redirection! That would then be something like this:

<script>
// redirects after 3 seconds
setTimeout(function(){ 
      window.location.href = "GUEST_MAIN_MENU.php";; 
   }, 3000);

</script>

Sidecomment:
Anyway, I would recommend to test the user credentials without loading a new (or the same) php-script again. Have a look at javascript ajax! Using this technique the user will stay on the same page and get a more immediate response that your app also can react to with messages and redirections.

Jeff
  • 6,895
  • 1
  • 15
  • 33