How do I implement post/redirect/get in PHP if my handler requires session data?

Question

I'm trying to understand how I would implement the post/redirect/get pattern if my handler page where everything is $_POST'd to requires session data (checking if the user is logged in, lets say)

I can't call: header("Location /somenewplace", 303); because I'd get a 'Cannot modify headers' error, as I've already called session_start() to get the session data.

Can someone help me understand this pattern a bit better, should your handler require interacting with session data?

Thank you,

http://stackoverflow.com/questions/3109141/cannot-modify-header-information-headers-already-sent-by — André Laszlo, Jul 06 '11 at 21:01
@André Laszlo - This question is not a duplicate of that. The OP knows _why_ it's happening, this specifically asks how to deal with session data _prior_ to redirecting. — Tim Post, Jul 08 '11 at 03:38
@André Laszlo Well, kind of isn't _exact_ and the link you left in comments is still here. It's all good :) — Tim Post, Jul 08 '11 at 12:43

score 2 · Answer 1 · answered Jul 06 '11 at 20:59

2

There is something wrong in your code. The session_start() shouldn't send the headers. Use PHP output buffering to ensure no output is sent.

answered Jul 06 '11 at 20:59

Gedrox

3,592
1
21
29

score 2 · Answer 2 · answered Jul 06 '11 at 20:59

A call to session_start() should only modify the headers. You probably outputted some data somewhere else in your script. When PHP gives you the message 'Cannot modify headers' it usually tells you on which line the output was started.

So sessions should not prevent you from doing any redirects or other things.

score 2 · Accepted Answer · answered Jul 06 '11 at 21:00

2

Usually when I get that error its because something has already been outputted to the user. You cannot output any data before calling header(). Check to see if you are printing/echoing anything before header is called. Also check your closing tags on your scripts, if you have a space after a closing tag ?> php will output that to the user and set the headers.

answered Jul 06 '11 at 21:00

copacetic

414
4
13

WOW! This was it. I had a single space character at the bottom of one of my included files and was outputting this. Once I removed it the header() call worked. Thank you! – barfoon Jul 06 '11 at 21:14
1

A very common practice which is embraced by several coding communities is to always leave out the closing ?> tag. This wont cause any errors or warnings and it will prevent this error in the future – copacetic Jul 07 '11 at 16:17

score 1 · Answer 4 · answered Jul 06 '11 at 21:00

1

Check out using ob_start() and ob_end_flush() to use output buffering.

answered Jul 06 '11 at 21:00

kinakuta

9,029
1
39
48

How do I implement post/redirect/get in PHP if my handler requires session data?

4 Answers4