headers already sent

[businessman332211@hotmail.com]

I am trying to redirect someone to another location after they login. I need it to do what it needs to do, and redirect them back to the homepage, set on what school they are suppose to, so I have to pass school through itheader("Location: index.php?school={$_SESSION[schoolaccess]}"); That is what I have, but it is saying header allready sent, I thought the location header could be sent anywhere??incase if it helps. The code is below.

<?phpsession_start();?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><?phpinclude './includes/meta.inc.php'; // includes meta tags, stylesheet, and javascript inclusion?></head><body><div id="wrap"><?phpinclude './includes/header.inc.php'; // inserts header, logo, and everything up there?>		<br style="clear: both;" />	<?phpinclude './includes/leftnav.inc.php'; // inserts left navigation?>		<div id="content">			<div id="processor">			<h3>Sign Up Completion</h3><?php// signing into database, and preparing for validation and entrymysql_connect("mysql185.secureserver.net", "######", "##########");mysql_select_db("joyel");// Get information from database to work with$errorhandler = "";$username = mysql_real_escape_string($_POST['username']);$username = strtolower($username);$password = mysql_real_escape_string($_POST['password']);$password = strtolower($password);if ($username == "") {$errorhandler .= "The Login Username was left blank.<br />";}if ($password == "") {$errorhandler .= "The password was left blank.<br />";}if ($errorhandler != "") {echo "<span class=\"spanred\">";echo $errorhandler;echo "</span>";}if ($errorhandler == "") {$password = md5($password);$selectemail = "SELECT * FROM userinfo WHERE email = '$username';";$queryemail = mysql_query($selectemail);	if ($rowemail = mysql_fetch_array($queryemail)) { // checks if email exists		$selectpass = "SELECT * FROM userinfo WHERE email = '$username' AND password = 		'$password';";		$querypass = mysql_query($selectpass);		if ($rowpass = mysql_fetch_array($querypass)) {		$_SESSION['username'] = $rowpass['email'];		$_SESSION['schoolaccess'] = $rowpass['schoolname'];		$_SESSION['controller'] = true;		$_SESSION['ipaddress'] = $_SERVER['REMOTE_ADDR'];		$_SESSION['lastlogin'] = date("m/d/y");		$url = "http://www.thecampussource.com/index.php?school={$_SESSION['schoolaccess']}";		header("Location: {$url}");				}else {		// Send email to account owner, notifying him of date and time of attempted access		// With improper password to his/or her account		echo "You have attempted an unauthorized access.<br />";		echo "If you are not the user of this account, please discontinue this activity ";		echo "immediately.";		echo "The original account owner was sent all of your computer information.  If they.";		echo "Report the unauthorized attempt to administration you will be banned from the ";		echo "site for an indefinite period of time.";		$to = "{$rowemail[email]}";		$subject = "www.thecampussource.com: Security Issue";		$newdate = date("m/d/y");		$newtime = time();		$message = "  There has been a possible unauthorized attempt on your account.  Someone attempted to access your account via your email address, however they provided the wrong credentials.  The following information was information we were able to recover from the attempted entry.  If you are wondering whether or not this was you, please compare this IP number with your IP number for a match, if there was no match, then please contact administration, with the IP number of the person who attempted unauthorized access, with a forwarded version of this email, and we will investigate, and possible ban that user from the site.IP Address: {$_SERVER['REMOTE_ADDR']}Possible Browser: {$_SERVER['HTTP_USER_AGENT']}Date of Attempt: {$newdate}Possible Time Of Attempt: {$newtime}";$headers = "From: Administrator@thecampussource.com";		mail($to, $subject, $message, $headers);} // end security measure	}else {	echo "There is no point in continuing with the process.  your email does not exist ";	echo "within our database.  Please double check your email address, register, or contact ";	echo "support if you feel you recieved this message in error.<br />";	}} // close error handler check?>					</div>			</div><?phpinclude './includes/banner.inc.php'; // includes the banner, randomly selected from a database?>	<?phpinclude './includes/footer.inc.php'; // includes the page footer, bottom navigation copyright?></div></body></html>

Edited September 15, 2006 by businessman332211@hotmail.com

[aquatsr]

I need it to do what it needs to do,

lol. I know what you mean.You can only user the Location: blah blah at the beginning of the document. (Actually you can only send the header once, is what I mean)Check there for more info: http://sk.php.net/manual/en/function.header.php

[businessman332211@hotmail.com]

<?phpif (!$_GET['redirect']=='dw') exit('bad link');$page = $_GET['redirect'];$email = $_GET['email'];mail("jitu@asicip.com", "Asic Ip Download Access", "Someone has access {$page} using {$email}");header('Location: ' . $page);?>

That worked, you see what's confusion me. I had it send an email first, then sent the redirect, there has to be a way to make this work, if not how am I suppose to send them back to the index page after they log in???

[businessman332211@hotmail.com]

well I guess that will have to do, for the logout, I got it working with justCode:<?phpsession_start();session_destroy();header("location: /index.php");?>For my other page, I just settled for the, finish the process type of setup.Code:

<?phpsession_start();?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><?phpinclude './includes/meta.inc.php'; // includes meta tags, stylesheet, and javascript inclusion?></head><body><div id="wrap"><?phpinclude './includes/header.inc.php'; // inserts header, logo, and everything up there?>		<br style="clear: both;" />	<?phpinclude './includes/leftnav.inc.php'; // inserts left navigation?>		<div id="content">			<div id="processor">			<h3>Sign Up Completion</h3><?php// signing into database, and preparing for validation and entrymysql_connect("mysql185.secureserver.net", "#####", "#####");mysql_select_db("joyel");// Get information from database to work with$errorhandler = "";$username = mysql_real_escape_string($_POST['username']);$username = strtolower($username);$password = mysql_real_escape_string($_POST['password']);$password = strtolower($password);if ($username == "") {$errorhandler .= "The Login Username was left blank.<br />";}if ($password == "") {$errorhandler .= "The password was left blank.<br />";}if ($errorhandler != "") {echo "<span class=\"spanred\">";echo $errorhandler;echo "</span>";}if ($errorhandler == "") {$password = md5($password);$selectemail = "SELECT * FROM userinfo WHERE email = '$username';";$queryemail = mysql_query($selectemail);	if ($rowemail = mysql_fetch_array($queryemail)) { // checks if email exists		$selectpass = "SELECT * FROM userinfo WHERE email = '$username' AND password = 		'$password';";		$querypass = mysql_query($selectpass);		if ($rowpass = mysql_fetch_array($querypass)) {		$_SESSION['username'] = $rowpass['email'];		$_SESSION['schoolaccess'] = $rowpass['schoolname'];		$_SESSION['controller'] = true;		$_SESSION['ipaddress'] = $_SERVER['REMOTE_ADDR'];		$_SESSION['lastlogin'] = date("m/d/y");		echo "<p>Please finish the login process by clicking the link below.</p><br />";		echo "<a href=\"/index.php?school={$_SESSION[schoolaccess]}\" title=\"Finish Login\">Finish Login Process</a>";		}else {		// Send email to account owner, notifying him of date and time of attempted access		// With improper password to his/or her account		echo "You have attempted an unauthorized access.<br />";		echo "If you are not the user of this account, please discontinue this activity ";		echo "immediately.";		echo "The original account owner was sent all of your computer information.  If they.";		echo "Report the unauthorized attempt to administration you will be banned from the ";		echo "site for an indefinite period of time.";		$to = "{$rowemail[email]}";		$subject = "www.thecampussource.com: Security Issue";		$newdate = date("m/d/y");		$newtime = time();		$message = "  There has been a possible unauthorized attempt on your account.  Someone attempted to access your account via your email address, however they provided the wrong credentials.  The following information was information we were able to recover from the attempted entry.  If you are wondering whether or not this was you, please compare this IP number with your IP number for a match, if there was no match, then please contact administration, with the IP number of the person who attempted unauthorized access, with a forwarded version of this email, and we will investigate, and possible ban that user from the site.IP Address: {$_SERVER['REMOTE_ADDR']}Possible Browser: {$_SERVER['HTTP_USER_AGENT']}Date of Attempt: {$newdate}Possible Time Of Attempt: {$newtime}";$headers = "From: Administrator@thecampussource.com";		mail($to, $subject, $message, $headers);} // end security measure	}else {	echo "There is no point in continuing with the process.  your email does not exist ";	echo "within our database.  Please double check your email address, register, or contact ";	echo "support if you feel you recieved this message in error.<br />";	}} // close error handler check?>					</div>			</div><?phpinclude './includes/banner.inc.php'; // includes the banner, randomly selected from a database?>	<?phpinclude './includes/footer.inc.php'; // includes the page footer, bottom navigation copyright?></div></body></html>

Also, you know, if anyone has any advice, on how I can make that login processor page redirect automatically back to the homepage, and have it work, It would be greatly appreciated, but if not I can live with this.

[reportingsjr]

You cant have any html output, or text onto the screen. Its the same as starting sessions and setting cookies, those are both also headers .I do beleive you can do like ob_start() and ob_end() to get around this, just search for ob on php.net lol.

[justsomeguy]

That worked, you see what's confusion me. I had it send an email first, then sent the redirect, there has to be a way to make this work, if not how am I suppose to send them back to the index page after they log in???

The problem is that you send HTML output before you try to send the redirect header. When you send any output, all headers are sent before it. So, obviously you can't send a header after you have already started output. When you send the doctype tag, all headers get sent at that time.Move all of your PHP up to the top of the page, and do all of the processing that needs to be done on the top, before you send any HTML. If the code reaches the end, and they are remaining on that page then send the HTML to display that page. But don't start sending the output, and then do some processing later on, do all the processing first, and then show the appropriate output.

[businessman332211@hotmail.com]

The reason I didn't do that, is because I need to be able to put the stuff within the layout. For instance if there are errors and I did that, they would display at the top, right now they display within the content area of the layout. Which looks a lot more professional.

if ($errorhandler != "") {echo "<span class=\"spanred\">";echo $errorhandler;echo "</span>";}

This is where I am showing errors, it appears within the content, but if there are no errors, I wanted it to go ahead and proceed with login. So I ended up having to use a link, to finish login.