header not working the way i want it too

[Imon Fyre]

ok, this is probly an incompatibility with older php software, but at one point i had made a login screen that work perfectly (this was almost exactly a year ago)

and now when i try to do something similar with my old code, it will not do what i want... heres the code that is giving me a headache

and i would also like to iterate that i have no access to configuring php, as it is not my server that i am testing code on

basically the role of the function where the header() is called is just supposed to look at the password the user entered, and then redirect to the survey page

PHP Code:

<?php
    //session_start();
    //$_SESSION['password'];
    $passwordcheck = '';
    
    if(!isset($_REQUEST['enter']))
    {
        login_page();
    }
    else
    {
        password_verify($_REQUEST['pass']);
    }
    
    /******************************************************************
    **this function authenticates an entered password                **
    **against a supplied password                                      **
    ******************************************************************/ 
    function password_verify($pass)
    {
            $password = "booger";
            //echo "$pass";
            if($pass===$password)
            {                
                header("location: survey.php"); // <--- this is the line that is being bitchy!!
            }
            else 
            {
                login_page();
            }
        //session_start();        
       }
    
    function login_page()
    {
        $self = $_SERVER['PHP_SELF'];
        ?>
        
        <html>
        <body>
        <h2>Please Enter the Correct Password to Proceed</h2>
        <form name='passcheck' method='post' action='<?php echo $self?>'>
            <table>
                <tr>
                    <td>Password</td>
                    <td><input type='password' name='pass' /></td>
                </tr>
                <tr>
                    <td><input type='submit' name='enter' value='enter'></td>
                </tr>
            </table>
        </form>
        </body>
        </html>
<?php
    }
    
    
?>

[redhead]

Quote:

if($pass===$password)
{
header(...);
....

tripple X ??

[Imon Fyre]

huh?? triple X?

[NirTivAal]

http://www.w3.org/Protocols/rfc2616/....html#sec14.30

Looks to me like you need to use the full address instead of just "survey.php"

[sde]

hey fyre,

if you expect to get any worth while feedback, you really need to post 3 things.

1. the code ( you did )
2. the error ( if it exists, if not, just say it doesn't generate errors )
3. an explination of what it is, or isn't doing.

since you mention an older version of php, you may also want to post the version.

just run phpinfo(); to find out.

did you try fixing what redhead suggested? and maybe he meant 'tripple equal signs' since you have 3 '='

[redhead]

Quote:

Originally posted by Imon Fyre
huh?? triple X?

What I ment was, that since there are no === operator in PHP, it might be what the bugger was complaining about. Sorry if I didn't have time to explain it thouroghly, but reading through the code looking for something which seems wrong took some time.

Eventho the Location: header will be understood by most browsers, it might be a good thing(tm) to do what NirTivAal suggests and give the absolute URL, it can be done with something like:

PHP Code:

header("Location: http://" 
                  . $_SERVER['HTTP_HOST']
                  . dirname($_SERVER['PHP_SELF'])
                  . "/survey.php"); 


[Imon Fyre]

k, ill try using the whole url thing again, tried it earlier...

what the problem is is that when the file is in the exact form you see before you, when you hit submit, it will take the info, and just redisplay the page again minus the password

when i send some information beforehand to the browser (such a <html> tag or whatnot) it comes back with something along the lines of header already sent to browser


and the '===' operator works just fine.. i made sure to test it earlier...

[redhead]

Quote:

Originally posted by Imon Fyre
when i send some information beforehand to the browser (such a <html> tag or whatnot) it comes back with something along the lines of header already sent to browser

This is due to the fact, that header() info must be send befor any text/stream/whatnot is send to the browser.

Quote:

and the '===' operator works just fine.. i made sure to test it earlier...

Sorry, didn't see the explanation on http://php.net/operators.comparison

Quote:

$a === $b Identical TRUE if $a is equal to $b, and they are of the same type. (PHP 4 only)

How about trying:

PHP Code:

if(!isset($_POST['enter'])) 
    { 
        login_page(); 
    } 
    else 
    { 
        password_verify($_POST['pass']); 
    } 


Since you use the post method in your form.

[Imon Fyre]

ok i just checked, php version is 4.3.3 on apache 1.3.29 on gentoo linux.

and no, i just tried using the $_POST method and the absolute pathname methods, neither seemed to work

and i had a thought, does the fact that apache has keep alive on make any difference at all?

and another thought... by doing a $_REQUES T or a $_POST, is that retrieving or sending some kind of header to the browser??

and another note, ive done some looking around and have tried puttin ob_start and ob_end_flush() at the beginning and end of the script respectively, and nothing has changed

[Imon Fyre]

and something else interesting just happened... i basically said lets try an experiment, and stuck the header() call into the else at the top of the file, and got rid of the !, and i got a message saying

Quote:

Redirection limit of this URL exceeded. Unable to load requested page. This may be caused by cookies that are blocked

[Imon Fyre]

ok guys, got it fixed, im a douche-bag....

had sessions set up on the other file to redirect back to the index file if the seesion password wasnt right