Error to redirect the page with PHP [duplicated]

Navigation
3

Mount my web application to a web server, locally everything works perfectly, requests among other things, I have a system of pages for registered and logged users, I manipulate them with sessions, verifications among other things, each page (registered users ) has a check in headers that is responsible for checking and validating users for security reasons through a backend code that I have, if the conditions are not met is to say that it does not pass through the verification system that I have not created the sessions and if the sessions are not created I send them to the index.php, here the code to better understand what I say. 

<?php 
    session_start();
    if(!isset($_SESSION['user']) || (!isset($_SESSION['nick'])) ){
        header("Location: index.php?session=TimeOut");
        exit();
    }else{      
        if($_SESSION['user']!=$_SESSION['name_validate'] || $_SESSION['id']!=$_SESSION['id_user']||$_SESSION['user_validate']!=$_SESSION['permise'] || $_SESSION['data_validate']!=$_SESSION['random'] ){
            header("Location: index.php?access=Denied");
            exit();
        }                    
    }    
    ?>
<!DOCTYPE html>

Also try this way: 

<?php
/* Redirecciona a una página diferente en el mismo directorio el cual se hizo la petición */
$host  = $_SERVER['HTTP_HOST'];
$uri   = rtrim(dirname($_SERVER['PHP_SELF']), '/\');
$extra = 'mypage.php';
header("Location: http://$host$uri/$extra");
exit;
?>

//Del manual de PHP

As you can see they are before any entry in the html or data, so it should work, in addition the console does not mark any type of error, so I do not know where the problem is. In summary this code was made to avoid that users place the URL directly without logging in.

    
asked by Carlos Estarita 04.03.2017 в 19:28
source

2 answers

0

To solve it add ob_start(); just after session_start(); taking your code would look like this: 

 <?php 
        session_start();
        ob_start();

        if(!isset($_SESSION['user']) || (!isset($_SESSION['nick'])) ){
            header("Location: index.php?session=TimeOut");
            exit();
        }else{      

            if($_SESSION['user']!=$_SESSION['name_validate'] || $_SESSION['id']!=$_SESSION['id_user']||$_SESSION['user_validate']!=$_SESSION['permise'] || $_SESSION['data_validate']!=$_SESSION['random'] ){
               header("Location: index.php?access=Denied");
               exit();
            }                    
        }    
?>

Here is the guide and information about this function in PHP:

ob_start ();

I hope it helps you!

    
answered by 06.03.2017 / 09:41
source
0

Could it be that the session variable already exists but is empty (that is, $_SESSION['user'] = ''; )? In that case, your expression if(!isset($_SESSION['user'])) will return true and will not send you to the index.

To make sure, after the initial session_start(); add a print_r($_SESSION); . There you will see if the variables were already initialized before the validation. If they are, just make a unset($_SESSION); (one time only) before trying again.

    
answered by 06.03.2017 в 16:19
Display radio button in django? Login with Google (Android Studio)