-2

the redirect not allways work with me , in my situation I didn't found solution so I put a redirect using javascript code, can someone tell me what's wrong with my code and why the echo don't work also , I want echo message to the user when password or login is not correct, thanks

function getlogin($conn) {
    if (isset($_POST['loginsubmit'])) {
        $uid = mysqli_real_escape_string($conn, $_POST['uid']);
        $pwd = mysqli_real_escape_string($conn, $_POST['pwd']);

        $sql = "SELECT * from test where uid='$uid'";
        $result = $conn->query($sql);
        $row = $result->fetch_assoc();
        $hash_pwd = $row['pwd'];
        $hash = password_verify($pwd, $hash_pwd);

        if($hash == 0) {

            header("Location : test.php?error=empty");
        }



          else {

        $stmt = $conn->prepare("select * FROM test WHERE uid=? and pwd =?");
        $stmt->bind_param("ss", $username, $password); 

        $username = $uid;
        $password = $hash_pwd; 
        $stmt->execute();

        $result = $stmt->get_result();
        $rowNum = $result->num_rows;


        if ($rowNum > 0) {
            if ($row = $result->fetch_assoc()) {
                 $_SESSION['id']  = $row['id'];
                 echo "<script> window.location.replace('test.php') 
   </script>" ;
                 exit();
          }
              }else {
                  header("Location : test.php");
                  echo " echo don't work "; 
                 exit();


              }
         }
    }
    }
fivefour11fgf
  • 1
  • 4

2 Answers2

0
<script type="text/javascript">window.location.href = 'link here';</script>

Don't recommend the use of the header () function after the start of the page. Use this code in Javascript that works well and does not generate annoying errors for you.

Lucas Paz
  • 805
  • 7
  • 9
0

In majority of cases, the reason why header redirect doesn't work is that the page printed something before the header was called. It can be as simple as a single empty line, or the html tags that start a page. You should check that your sql isn't returning an error, because if there is an error message before the header, it is going to cause a warning and block a redirect. In some systems, it is set to tolerate the warning and redirect anyway, so it could be that it works locally despite of the error but when you put it in a more strict environment, it causes an error. You should temporarily comment out the redirect and see what is on the page when it stops instead of redirecting. If there is an error message, it's easy to find where the problem is. If there is an empty line, it might be harder to hunt down. Also I'm not sure if it's okay to put a space before the : after header. I've never done that. Also does your test table have both id and uid that are two separate things? Where uid is the user id and id is the session id? Because if you don't, that could be a typo.

Also, you can't put an echo after a redirect because you get redirected to another page before the echo is ever executed. So you should redirect to a page that says your login is incorrect instead of putting the echo in your function. If you don't want the page to always print that, add something like ?error=1 in the redirect, then have the page only print the message if error is set and is 1.

Ilona Ward
  • 1
  • 4