HI All,
I'm developing a security system for a CMS but it appears that my redirect does not work.

I'm using sessions and I know that the session is being created since I did an echo on session_id().

<?php if($count==1)
	print "logged in";
	header('Location: edit.php');
	print "no";
else {
echo "Wrong Username or Password";

What's wrong, and how do I fix it to redirect after the user is authenticated?


7 Years
Discussion Span
Last Post by Virtualbase

Hey guys, thanks for the fast responses!

Do you have

<?php session_start(); ?>

at the top of your pages?

Yes, it is right at the top of the page for authenticate.php (the page I'm having issues with) and edit.php. Do I need one for login.php?

exit after redirection

header('location: edit.php');	

I've added it on but it doesn't seem to make a difference.

Looking through the error log, I found this:

[13-May-2010 12:47:09] PHP Warning: Cannot modify header information - headers already sent by (output started at /Applications/MAMP/htdocs/authenticate.php:26) in /Applications/MAMP/htdocs/authenticate.php on line 28
[13-May-2010 12:49:10] PHP Warning: Cannot modify header information - headers already sent by (output started at /Applications/MAMP/htdocs/authenticate.php:26) in /Applications/MAMP/htdocs/authenticate.php on line 27

All I'm doing is getting the login and password contents from login.php, checking against sql injection attacks and then running a query to authenticate the user before producing output.


Edited by bsewell: n/a


so u r not redirecting to edit.php. right...
ok then paste this on top of ur code.


and after header paste


i think it works..

dont forget to mark as solved if it is done.


I just fixed it. The clue was that the log said output started at line 26. I just had a look at the code, and I was echo'ing the session variable to check whether it had been changed. I removed it and it's all working now :)


Nice solution. That'll definitely help us :)


Edited by Ezzaral: Snipped &quot;fake sig&quot; link. Please restrict such links to your site-wide user signature, which can be edited from the user control panel.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.