-1

I am writing a code to connect to mysql and retrieve login info. I use connect.php to hold sensitive data which I get using require_once in login.php:

<?php
$servername = "xxx";
$username = "xxx";
$password = "xxx";
$dbname = "xxx";
?> 

<?php
$checkMail= $_POST["email"];
$checkPwd= $_POST["password"];
$registration_status='Active';
require_once ('connect.php'); 
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed, please retry later: " . $conn->connect_error);
}
$sql = "SELECT email, password, registration_type, registration_status, emailupdate FROM registration where  email='".$checkMail."'";
$result = $conn->query($sql);
if ($result->num_rows == 1) {
while($row = $result->fetch_assoc()) {
if ($row['registration_status'] == "Deactive") {
session_start();    
$_SESSION['error'] = "<b>This user name is deactivated. <br> Please create a new account.</b><span>";
header("Location: http://www.xxxxxxx//registration.php"); /* Redirect browser */ 
}
elseif (password_verify($checkPwd, $row['password'])) {
?>

With above, the db connection goes fine, but the header commands are not executed. If I remove require_once in login.php and I add directly the content of connect.php, so to have

$checkMail= $_POST["email"];
$checkPwd= $_POST["password"];
$registration_status='Active';
$servername = "xxx";
$username = "xxx";
$password = "xxx";
$dbname = "xxx"; 
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed, please retry later: " . $conn->connect_error);
}
$sql = "SELECT email, password, registration_type, registration_status, emailupdate FROM registration where  email='".$checkMail."'";
$result = $conn->query($sql);
if ($result->num_rows == 1) {
while($row = $result->fetch_assoc()) {
if ($row['registration_status'] == "Deactive") {
session_start();    
$_SESSION['error'] = "<b>This user name is deactivated. <br> Please create a new account.</b><span>";
header("Location: http://www.xxxxxxx/registration.php"); /* Redirect browser */

the header command is correctly processed and the redirection works successfully.

header and require_once are not compatible? or am I missing something else?

Thank you for your support

alessandro
  • 1
  • 1
  • 1
    Of course, they are compatible. What else have you tried to resolve the problem? Also, be warned that your SQL query is widely open for SQL injection. Better have a look at prepared statements – Nico Haase Jun 29 '21 at 12:01
  • 2
    `$dbname = "xxx"; ?> – Michel Jun 29 '21 at 12:07
  • 1
    _“or am I missing something else?”_ - sounds like you probably missed to configure PHP error reporting in a way sensible for development. Otherwise, you’d have gotten an error message that told you what was up, and also explicitly _where_ the first output was created. – CBroe Jun 29 '21 at 12:12
  • I do not close and reopen the tag. those are 2 different scripts: connect.php contains the first scripts and login contains the second scripts. the first script is called via require_once command. anyway, I will review the code as suggested by Nico Haase in the first answer. – alessandro Jun 29 '21 at 12:29
  • You don't even need the `?>` at the end of the connect.php, just remove it and maybe that might help – ADyson Jun 29 '21 at 12:33
  • 1
    Also, it could help to use `exit` after setting the header, just to **force stop** the script exactly there – Nico Haase Jun 29 '21 at 12:34

1 Answers1

3

Whitespace

The headers won't work because you have whitespace being printed. Remove this close/open tag combination and try again.

webdev
  • 31
  • 1
  • Posting images of code is not good, it would be just as easy to have posted the code as text (with markup) as to make and post the image. – Nigel Ren Jun 29 '21 at 12:25
  • I do not close and reopen the tag. those are 2 different scripts: connect.php contains the first scripts and login contains the second scripts. anyway, I will review the code as suggested by Nico Haase in the first answer. – alessandro Jun 29 '21 at 12:26