Error in header function

Question

I'm using the php header function for the redirection but it is not working.I'm using the following code.

  $sql=mysql_query("select * from password where username='$email' and password1 = '$pwd'");
  //echo "selct * from password where username='$email' and password = '$pwd'";
  $row=mysql_fetch_row($sql);
  $fieldset=mysql_num_rows($sql);
  $host=$_SERVER['HTTP_HOST']."/beta/";
  if($fieldset>0 && $conEmail !="")
   {
     $_SESSION['email']=$email;
     $_SESSION['Email']=$email;
     $_SESSION['memberID']=$id;
     $_SESSION['status']='Admin'; 
     header("location:http://".$host."member.php");
   }

Are you sure the `if` condition evaluates to `true`? It's possible that they don't and the `header()` function never gets called. — NullUserException, Mar 30 '12 at 20:21
PS: No offense, but the code looks **very** amateurish. Which means chances are you are doing things wrong, like not hashing passwords or not escaping user input. — NullUserException, Mar 30 '12 at 20:24
debug the if statement. Is $conEmail not empty? if you substitute header(..) with a print statement, do you see the output of the print statement? — Daxcode, Mar 30 '12 at 20:25
"Hello my password is `';DROP TABLE password;--`, why doesn't your website work?" — CanSpice, Mar 30 '12 at 20:26
Yes.I'm using the header function in both if and else part .It is not working. — user1178695, Mar 30 '12 at 20:26
Any chance there is an error on the MySQL end? I would try adding in this line: `echo mysql_error();` — Andrew De Forest, Mar 30 '12 at 20:40
possible duplicate of [Headers already sent by PHP](http://stackoverflow.com/questions/8028957/headers-already-sent-by-php) — mario, Mar 30 '12 at 22:41

score 0 · Answer 1 · answered Mar 30 '12 at 20:26

Make sure that if statement is evaluation true. Put an echo "Testing host=".$host; before the header statement and see if it executes. If that does, make sure you are setting the value of $host properly.

If you are still at a loss, make sure the server isn't doing some funky stuff, so put this at the top of the page:

header( "Location: http://www.stackoverflow.com" );

score 0 · Answer 2 · answered Mar 30 '12 at 20:29

You're redirection line needs to have "Location" with an uppercase "L" header("Location:http://".$host."member.php");

since the official specification doesn't have a "location" header, but a "Location".

the way you have will fail without any warnings.

From: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html

The Location response-header field is used to redirect the recipient to a location other than the Request-URI for completion of the request or identification of a new resource. For 201 (Created) responses, the Location is that of the new resource which was created by the request. For 3xx responses, the location SHOULD indicate the server's preferred URI for automatic redirection to the resource. The field value consists of a single absolute URI.

   Location       = "Location" ":" absoluteURI

An example is:

   Location: http://www.w3.org/pub/WWW/People.html
  Note: The Content-Location header field (section 14.14) differs
  from Location in that the Content-Location identifies the original
  location of the entity enclosed in the request. It is therefore
  possible for a response to contain header fields for both Location
  and Content-Location. Also see section 13.10 for cache
  requirements of some methods.

This isn't necessarily true, it should work fine with a lowercase L — Andrew De Forest, Mar 30 '12 at 20:34
Why downvoting this answer ? It it always a good idea to follow W3 or RFC recommendations as they represent the standards of the internet. — Pierre-Olivier, Mar 30 '12 at 20:46

score 0 · Answer 3 · answered Mar 30 '12 at 20:30

0

Try putting a space after 'location:' so

header("location:http://".$host."member.php");

becomes

header("location: http://".$host."member.php");

answered Mar 30 '12 at 20:30

Error in header function

3 Answers3