Rayan Sp Rayan Sp -4 years ago 100
PHP Question

Header Location doesn't redirect

I been staring at this code for hours now. Also read a lot of suggestions to go about this error on this site. But I can't figure why header location is not redirecting me.

**I know this might be a duplicate question, but I don't get "headers already sent Error, so I guess it could be different as I tried the suggested solutions **

What I tried so far


  • ob_start();

  • error_reporting(E_ALL);

  • ini_set('display_errors', TRUE);

  • Change the file to UTF-8-BOM

  • Delete the file & Create it again

  • Replaced
    ../dashboard.php
    with the absolute URL

  • Removed all the white spaces



But it's still not working, the page refreshes only, and the URL remains the same.

This is the php code

<?php
error_reporting(E_ALL);
ini_set('display_errors', TRUE);
ob_start();
include "config.php";
if (isset ($_POST['lemail']) && isset($_POST['lpassword'])) {
$email = $_POST['lemail'];
$password = $_POST['lpassword'];


$email = mysqli_real_escape_string ($connection, $email);
$password = mysqli_real_escape_string ($connection, $password);

// sha256 password hashing
$hashed_password = hash('sha256', $password);

$query = "SELECT * FROM users WHERE userEmail = '{$email}' AND userPassword = '{$hashed_password}'";
$select_user_query = mysqli_query ($connection, $query);
if (!$select_user_query) {
die ("Query Failed". mysqli_error($connection));

}
$count = mysqli_num_rows($select_user_query);
if($count == 1) {
header("Location:http://localhost/honest/dashboard.php");
exit(0);
} else {
echo "Not OK";
}

}
ob_end_flush();
?>


Edit:
The question was labeled as duplicate with a different question which is not related to what I am trying to achieve.

I am trying to redirect the page through PHP itself and not through Javascript.

Answer Source

When you use ajax request, don't redirect in php, you need to redirect in the ajax success call, below it show you could achieve this.

<script type="text/javascript">

            $('document').ready(function(){

                $('form').submit(function(e){

                    e.preventDefault();

                    var FormData = $('form').serialize();

                    $.ajax({

                        type : 'POST',
                        data : FormData,
                        url  :'Your-login-Page.php',
                        datatype : 'json',
                        encode : true,
                        success : function(response){

                           response = JSON.parse(response);

                           if(response == "ok"){
                                //login sucess

                                $('#SuccessDiv').html('Login success');
                             setTimeout(' window.location.href = "dashboard.php"; ', 6000);

                           }else{

                                $('#ErrorDiv').html(response);
                           }
                        }

                    });

                });

            });
    </script>

then your login

    <?php
    error_reporting(E_ALL); 
    ini_set('display_errors', TRUE);
    ob_start();
    $message ='';
    include "config.php";
    if (isset ($_POST['lemail']) && isset($_POST['lpassword'])) {
        $email = $_POST['lemail'];
        $password = $_POST['lpassword'];


        $email = mysqli_real_escape_string ($connection, $email);
        $password = mysqli_real_escape_string ($connection, $password);

        // sha256 password hashing
        $hashed_password = hash('sha256', $password);

        $query = "SELECT * FROM users WHERE userEmail = '{$email}' AND userPassword = '{$hashed_password}'";
        $select_user_query = mysqli_query ($connection, $query); 
        if (!$select_user_query) {
            die ("Query Failed". mysqli_error($connection));

        }
        $count = mysqli_num_rows($select_user_query);
        if($count == 1) {
            $message = 'ok';
        } else {
            $message =  "username and password does not match";
        }

        echo json_encode($message);

    }
    ?>

In your php, I will advice you to use mysqli prepared statements or better use PDO prepared statements, and also use the more secured password hash provided with php, which are password_hash(); and password_verify() functions.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download