p2p.wrox.com Forums

p2p.wrox.com Forums (http://p2p.wrox.com/index.php)
-   Beginning PHP (http://p2p.wrox.com/forumdisplay.php?f=95)
-   -   creating a bulletin board system (http://p2p.wrox.com/showthread.php?t=20281)

djfranknitti October 22nd, 2004 10:57 PM

creating a bulletin board system
 
hi, my name is frank ivey and i am a avid reader of books from he wrox publishing. I am also a big fan of php and mysql. I just bought the book "beginning php, apache, mysql web development" and I must say that it has bee very edcational and easy to read. I am currently talcking a problem in chapter 15, creating a BB system. the giving code for http.php is suppose to redirect the user to index.php. but i think it is trying to redirect to itself instead (http.php).

when ever i try to submit a login it calls the transact-user.php script. This script works find until it calls the redirct function from http.php. Then I get an error that states "Could not redirect; Headers already sent (output)." which is the error i told it to print if it cant find the header.

I am posting my transact-user.php code and http.php code at the bottom. This code is the same as it is in the book.

transact-user.php:

<?php

require_once 'conn.php';
require_once 'http.php';

if (isset($_REQUEST['action'])) {
  switch ($_REQUEST['action']) {
    case 'Login':
      if (isset($_POST['email'])
          and isset($_POST['passwd']))
      {
        $sql = "SELECT id,access_lvl,name,last_login " .
               "FROM forum_users " .
               "WHERE email='" . $_POST['email'] . "' " .
               "AND passwd='" . $_POST['passwd'] . "'";
        $result = mysql_query($sql,$conn)
          or die('Could not look up user information; ' . mysql_error());

        if ($row = mysql_fetch_array($result)) {
          session_start();
          $_SESSION['user_id'] = $row['id'];
          $_SESSION['access_lvl'] = $row['access_lvl'];
          $_SESSION['name'] = $row['name'];
          $_SESSION['last_login'] = $row['last_login'];
          $sql = "UPDATE forum_users SET last_login = '".
                 date("Y-m-d H:i:s",time()) . "' ".
                 "WHERE id = ". $row['id'];
          mysql_query($sql,$conn)
          or die(mysql_error()."<br>".$sql);
        }
      }
      redirect('index.php');
      break;

    case 'Logout':
      session_start();
      session_unset();
      session_destroy();

      redirect('index.php');
      break;

    case 'Create Account':
      if (isset($_POST['name'])
          and isset($_POST['email'])
          and isset($_POST['passwd'])
          and isset($_POST['passwd2'])
          and $_POST['passwd'] == $_POST['passwd2'])
      {
        $sql = "INSERT INTO forum_users ".
               "(email,name,passwd,date_joined,last_login) " .
               "VALUES ('" . $_POST['email'] . "','" .
               $_POST['name'] . "','" . $_POST['passwd'] . "','".
               date("Y-m-d H:i:s",time()). "','".
               date("Y-m-d H:i:s",time()). "')";

        mysql_query($sql,$conn)
          or die('Could not create user account; ' . mysql_error());

        session_start();
        $_SESSION['user_id'] = mysql_insert_id($conn);
        $_SESSION['access_lvl'] = 1;
        $_SESSION['name'] = $_POST['name'];
        $_SESSION['login_time'] = date("Y-m-d H:i:s",time());
      }
      redirect('index.php');
      break;

    case 'Modify Account':
      if (isset($_POST['name'])
          and isset($_POST['email'])
          and isset($_POST['accesslvl'])
          and isset($_POST['userid']))
      {
        $sql = "UPDATE forum_users " .
               "SET email='" . $_POST['email'] .
               "', name='" . $_POST['name'] .
               "', access_lvl=" . $_POST['accesslvl'] .
               ", signature='" . $_POST['signature'] . "' " .
               " WHERE id=" . $_POST['userid'];

        mysql_query($sql,$conn)
          or die('Could not update user account... ' . mysql_error() .
                 '<br>SQL: ' . $sql);
      }
      redirect('admin.php');
      break;

    case 'Edit Account':
      if (isset($_POST['name'])
          and isset($_POST['email'])
          and isset($_POST['accesslvl'])
          and isset($_POST['userid']))
      {
        $chg_pw=FALSE;
        if (isset($_POST['oldpasswd'])
            and $_POST['oldpasswd'] != '') {
          $sql = "SELECT passwd FROM forum_users " .
                    "WHERE id=" . $_POST['userid'];
          $result = mysql_query($sql) or die(mysql_error());
          if ($row = mysql_fetch_array($result)) {
            if (($row['passwd'] == $_POST['oldpasswd'])
                and (isset($_POST['passwd']))
                and (isset($_POST['passwd2']))
                and ($_POST['passwd'] == $_POST['passwd2']))
            {
              $chg_pw = TRUE;
            } else {
              redirect('useraccount.php?error=nopassedit');
              break;
            }
          }
        }
        $sql = "UPDATE forum_users " .
               "SET email='" . $_POST['email'] .
               "', name='" . $_POST['name'] .
               "', access_lvl=" . $_POST['accesslvl'] .
               ", signature='" . $_POST['signature'];
        if ($chg_pw) {
          $sql .= "', passwd='" . $_POST['passwd'];
        }
        $sql .= "' WHERE id=" . $_POST['userid'];
        mysql_query($sql,$conn)
          or die('Could not update user account... ' . mysql_error() .
                 '<br>SQL: ' . $sql);
      }
      redirect('useraccount.php?blah=' . $_POST['userid']);
      break;

    case 'Send my reminder!':
      if (isset($_POST['email'])) {
        $sql = "SELECT passwd FROM forum_users " .
               "WHERE email='" . $_POST['email'] . "'";

        $result = mysql_query($sql,$conn)
          or die('Could not look up password; ' . mysql_error());

        if (mysql_num_rows($result)) {
          $row = mysql_fetch_array($result);

          $subject = 'Comic site password reminder';
          $body = "Just a reminder, your password for the " .
                  "Comic Book Appreciation site is: " . $row['passwd'] .
                  "\n\nYou can use this to log in at http://" .
                  $_SERVER['HTTP_HOST'] .
                  dirname($_SERVER['PHP_SELF']) . '/login.php?e='.
                  $_POST['email'];
          $headers = "From: admin@yoursite.com\r\n";

          mail($_POST['email'],$subject,$body,$headers)
            or die('Could not send reminder email.');
        }
      }
      redirect('login.php');
      break;
  }
}
?>









http.php:
<?php
function redirect($url) {
  if (!headers_sent()) {
    header('Location: http://' . $_SERVER['HTTP_HOST'] .
      dirname($_SERVER['PHP_SELF']) . '/' . $url);
  } else {
    die('Could not redirect; Headers already sent (output).');
  }
}
?>

:(:([?][?][?][?][?][?]:(

imaginethis October 27th, 2004 08:00 AM

Hi frank. The code for the http.php file is fine. It won't be redirecting to itself but to the file that it is included it. Since the php processor will call the file transact-user.php as one file all the files that have been called as apart of it require_once 'conn.php' require_once 'http.php' will be considered apart of that document.

&lt;&gt;_&lt;&gt;


All times are GMT -4. The time now is 08:18 AM.

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.