-1

I am trying to make a system that allows users to view their applications, and have the system determine where it is based off of a specific ID ( which is the variable, $APPID, in this case ), and whether the application is a mod or admin application ( $MOA ).

Here's my index.php
HTML

<html>
    <body>
        <form action="viewapp.php" method="GET">
            <h1>Is this a mod or admin application?</h1>
            <input type="radio" name="MOA" value="MOD">Mod</input><br>
            <input type="radio" name="MOA" value="ADMIN">Admin</input>
            <h1>Put Application ID Below</h1>
            <input type="text" name="APPID" placeholder="XXXX-XXXX-XXXX-XXXX" /><br><br>
            <input type="submit" value="View" />
        </form>
    </body>
</html>

And here's my PHP

PHP

error_reporting(E_ALL);

$APPID = $_GET['APPID'];
$MOA = $_GET['MOA'];

function determineStatus() {
    $MATTEMPTA = 'mod-applications/accepted/' . $APPID . '.php';
    $MATTEMPTD = 'mod-applications/denied/' . $APPID . '.php';
    $AATTEMPTA = 'admin-applications/accepted/' . $APPID . '.php';
    $AATTEMPTD = 'admin-applications/denied/' . $APPID . '.php';
    if (FILE_EXISTS($MATTEMPTA)) {
        echo 'Redirecting...';
        header('Location: https://website.com/apply/mod-applications/accepted/' . $APPID . '.php';
    } elseif (FILE_EXISTS($MATTEMPTD)) {
        echo 'Redirecting...';
        header('Location: https://website.com/apply/mod-applications/denied/' . $APPID . '.php';
    } elseif (FILE_EXISTS($AATTEMPTA)) {
        echo 'Redirecting...';
        header('Location: https://website.com/apply/admin-applications/accepted/' . $APPID . '.php';
    } elseif (FILE_EXISTS($AATTEMPTD)) {
        echo 'Redirecting...';
        header('Location: https://website.com/apply/admin-applications/denied/' . $APPID . '.php';
    } else {
        echo 'Your application was not found';
    }
}

if ($MOA == "MOD") {
    $PATH = 'mod-applications/' . $APPID . '.php';
} elseif ($MOA == "ADMIN") {
    $PATH = 'admin-applications/' . $APPID . '.php';
} else {
    die('Please select Mod or Admin');
}

if (FILE_EXISTS($PATH)) {
    echo 'Redirecting...';
    header('Location: https://website.com/apply/' . $PATH . '');
} elseif (!FILE_EXISTS($PATH)) {
    determineStatus();
} else {
    echo 'Your application was not found';
}

For some reason, this code always outputs a 500 Server Error. I have no idea why. I searched for a long time over this and couldn't find any answer. I do not see anything wrong in my syntax. It would mean a lot if someone could help me!!

EDIT
I have redone my determineStatus() function, and placed all of the echo's after the Header()'s

function determineStatus() {
    $MATTEMPTA = 'mod-applications/accepted/' . $APPID . '.php';
    $MATTEMPTD = 'mod-applications/denied/' . $APPID . '.php';
    $AATTEMPTA = 'admin-applications/accepted/' . $APPID . '.php';
    $AATTEMPTD = 'admin-applications/denied/' . $APPID . '.php';
    if (FILE_EXISTS($MATTEMPTA)) {
        header('Location: https://website.com/apply/mod-applications/accepted/' . $APPID . '.php';
        echo 'Redirecting...';
    } elseif (FILE_EXISTS($MATTEMPTD)) {
        header('Location: https://website.com/apply/mod-applications/denied/' . $APPID . '.php';
        echo 'Redirecting...';
    } elseif (FILE_EXISTS($AATTEMPTA)) {
        header('Location: https://website.com/apply/admin-applications/accepted/' . $APPID . '.php';
        echo 'Redirecting...';
    } elseif (FILE_EXISTS($AATTEMPTD)) {
        header('Location: https://website.com/apply/admin-applications/denied/' . $APPID . '.php';
        echo 'Redirecting...';
    } else {
        echo 'Your application was not found';
    }
}

EDIT
I am posting my .htaccess here ( there isn't anything in it anyways ).

Do not remove this line, otherwise mod_rewrite rules will stop working
RewriteBase /

EDIT
I have fixed the problem by removing global variables. For some reason they caused the 500 error.

burger97979
  • 85
  • 6
  • 1
    If there's a HTTP 500 Server Error, the first place to look would be your server log. If you have Apache running, that would be a file named `error.log` and / or `access.log`. – icecub Dec 25 '15 at 00:11
  • Now the first problem I see is the fact that you `echo` strings and send headers afterwards. That's not possible. Headers can only be send before any output is given. – icecub Dec 25 '15 at 00:16
  • @icecub Still outputs the error :( – burger97979 Dec 25 '15 at 00:20
  • Did you remove every `echo 'Redirecting...';` in there? – icecub Dec 25 '15 at 00:20
  • @icecub I placed them after the Header()'s – burger97979 Dec 25 '15 at 01:15
  • @icecub Would it be a problem if the echos were there? – burger97979 Dec 25 '15 at 01:19
  • PHP will throw notices about the undefined variable `$APPID` inside your function, thus failing to redirect to the page as output will be already started before doing the `header` call. You should pass the variable through the function or use `global $APPID;`. Using `global` is strongly discouraged. Either way are you sure it isn't your `htaccess` causing the 500 error? – DarkBee Dec 25 '15 at 01:31
  • Always when developing and testing code, turn on PHP's display errors. At the top of your script, `error_reporting(E_ALL); ini_set('display_errors', 1);` and as already mentioned, you'll see a number of notices related to undefined variables, as well as the source of the 500 fatal error if it was produced by PHP rather than the web server) – Michael Berkowski Dec 25 '15 at 01:42
  • Read over [How to fix Headers already sent errors in PHP](http://stackoverflow.com/questions/8028957/how-to-fix-headers-already-sent-error-in-php). Your code cannot produce _any output_ of any kind before calling `header()`, but the `echo` does, and if the HTML precedes it, that is invalid as well. – Michael Berkowski Dec 25 '15 at 01:43
  • @DarkBee I don't know if my .htaccess is causing it. I have updated my question with the contents of my .htaccess. – burger97979 Dec 25 '15 at 01:51
  • @burger97979 You should either remove the line `Do not remove this line, otherwise mod_rewrite rules will stop working` OR place it in comment with `#Do not remove this line, otherwise mod_rewrite rules will stop working`. This line mean you can't remove the line **beneath** it – DarkBee Dec 25 '15 at 12:26
  • @DarkBee I have added the comment to the line, and it still outputs a 500 error. – burger97979 Dec 25 '15 at 16:59
  • @DarkBee Hmm, I removed the global variable and now it seems to be working fine. Why would a global variable output a 500 error? – burger97979 Dec 25 '15 at 17:01

1 Answers1

4

There's two errors with your PHP code. If I use your edited function, you have forgotten all the ) at the end of each header([...]

Then, If you declare variables out of your function, you can't access them without using global <your_variable>;. ($APPID for example)

But anyway, I didn't get any 500 errors while testing your code. Try to check your log files to get the errors. (500 is a PHP syntax error, generally)

Sorry for my bad english, btw.

Seblor
  • 6,947
  • 1
  • 25
  • 46
  • Can you give me the error you have on your logs ? (if you have an SSH access with apache, it's in `/var/log/apache2/error.log`) – Seblor Dec 25 '15 at 01:49
  • Oh, and are you sure you haven't forgot the tags ? – Seblor Dec 25 '15 at 01:52
  • I am sure I haven't forgot the tags. I don't think I am running Apache as I don't have those files, I pay for hosting from a company and use their servers. – burger97979 Dec 25 '15 at 01:53
  • If you use 000webhosting, you have to know that I just retrieved your password from a leak. I can email it to you and tell you how I got it if you want. Oh, and I'm trying to be a white hat hacker, so don't be afraid, I won't do anything with your password. – Seblor Dec 25 '15 at 01:58
  • I don't use 000webhosting – burger97979 Dec 25 '15 at 03:33
  • Do you have something else in your php script, then ? – Seblor Dec 25 '15 at 03:36
  • Nope. Could it be my htaccess? How would I fix that? – burger97979 Dec 25 '15 at 03:52