Why on Xampp header works but on online webhost doesnt work?

Question

is there any mistake? This fikle is where user goes after his registration, but when i upload my fiels on online webhsot doestn work rightt, it stacks on the page and shows me a white page, but the registration goes in database, so the problerm is why the header does work?

<?php 
    session_start();
    
    $fname = $_POST['fname'];
    $lname = $_POST['lname'];
    $username = $_POST['username'];
    $email = $_POST['email'];
    $p1= $_POST['password'];
    $password = password_hash($p1,PASSWORD_DEFAULT);
    $host = "localhost";
    $dbname = "id12725183_rentanythingusers";
    $dbuser = "id12725183_root";
    $dbport = 3306;
    $dbpass = "PRi~r99B)Dd1xdKM";

    $dsn = "mysql:host={$host};dbname={$dbname};port={$dbport}charset=utf8mb4";
    if(empty($fname)  ){
        header("location:User.php?error=Το όνομα είναι υποχρεωτικό!!#logariasmos");
    }else if(empty($lname)){
        header("location:User.php?error=Το επίθετο είναι υποχρεωτικό!!#logariasmos");
    }else if(empty($username)){
        header("location:User.php?error=Το username είναι υποχρεωτικό!!#logariasmos");
    }else if(empty($email)){
        header("location:User.php?error=Το email είναι υποχρεωτικό!!#logariasmos");
    }else if(password_verify("", $password)){
        header("location:User.php?error=Ο κωδικός είναι υποχρεωτικός!!#logariasmos");
    }else if( strlen($username)<6 ){
        header("location:User.php?error=Το username πρέπει να αποτελείτε απο τουλάχιστον 6 ψηφία!!#logariasmos");
    }else if( strlen($p1)<6){
        header("location:User.php?error=Το password πρέπει να αποτελείτε απο τουλάχιστον 6 ψηφία!!#logariasmos");
    }else{
        try{
            $options = [ PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION ];
            $pdo = new PDO($dsn, $dbuser, $dbpass, $options);
            $stmt = $pdo->prepare('INSERT INTO rentanythingregistered(fname, lname, username, email, password) VALUES(:fname, :lname, :username, :email, :password)');
            $stmt->execute(["fname"=>$fname, "lname"=>$lname, "username"=>$username, "email"=>$email, "password"=>$password]);
            $_SESSION['ifregistered']=1;
            header('location:User.php?message=Η εγγραφή σας ήταν επιτυχης, μπορείτε να συνδεθείτε στον λογαριασμό σας!');
        }catch(PDOException $e){
            if ($e->errorInfo[1] === 1062) {
                header("location:User.php?error=Το email ή το password, χρησιμοποιείτε ήδη!!#logariasmos");
            }
            else{
                header("location:User.php?error=Connection failed: . $e->getMessage()!#logariasmos");
            }
        }
    } 
?>

score 0 · Answer 1 · answered Jul 01 '21 at 10:39

0

this will not answer your question but i wanted to give you some feedback about your code.

instead of doing
```
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$username = $_POST['username'];
$password = $_POST['password'];
```
just use extract($_POST): it will simply create variables named as the indexes of the array you pass as argument read more here
if this script is used for registration, there's no need to use password_verify(). in fact you should use it when the user attempts to login. and also you're using it improperly, because the first parameter must be the non-hashes password, and the second the hashes password read more here
it's not a good practice to add spaces in the url. you should use characters like dash to separate words in the url, so it would be better to replace this
```
header("location: /example_page.php?error=username cannot be empty")
```
with this
```
header("location: /example_page.php?error=username-cannot-be-empty")
```

answered Jul 01 '21 at 10:39

Ciro_23

3
3

Using `extract(...)` would be a security-leak in this case (e.g. can override more variables than we want). – Top-Master Jul 01 '21 at 10:57
i didn't notice the warning message in the documentation, can i ask why it would be a security leak? – Ciro_23 Jul 01 '21 at 11:06
Sorry, actually it's always a security leak to convert user-input to variables and hope they do not override anything important. – Top-Master Jul 01 '21 at 11:47
Thank you very much my friend, i am beginner and you gave me very usefull advices! – Spaliaras4k18cm Jul 02 '21 at 15:56

Top-Master · Answer 2 · 2021-07-01T11:57:48.973

If I understood correctly, everything works correctly except your redirection-header.

And even that works fine on your local.

The problem might be with the path and/or URL, I mean, while "User.php" is fine for your local, but you should not expect it to work everywhere.

Try "/User.php" instead.
Most servers are case-sensitive, ensure User.php is exactly the same as the file-name.
If nothing else works, try resolving-address like:

function resolveUrl($suffix){
  return sprintf(
    "%s://%s%s/$suffix",
    isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off' ? 'https' : 'http',
    $_SERVER['SERVER_NAME'],
    $_SERVER['REQUEST_URI']
  );
}


$userUrl = resolveUrl('User.php');

And use $userUrl variable everywhere else, like:

header("location:$userUrl?error=Το όνομα είναι υποχρεωτικό!!#logariasmos");

My friend, i am 100% studpi, the problem was the first line. it was empty, i start my code from second line and it was problem!!!! — Spaliaras4k18cm, Jul 02 '21 at 15:57
Good that you could fix it, but if nothing in my post was related to solving it, please say that clearly (and I delete my answer). — Top-Master, Jul 02 '21 at 16:29

Why on Xampp header works but on online webhost doesnt work?

2 Answers2