Hello everyone.
I've finished the front end and admin sections of a reviews db I'm working on, albeit I've just started looking into user validation, herewith lies the issue.
Basically the $error checking works fine as I proved it by simply outputting an echo $error. I thought I'd go to the next stage and try a header redirect. What it should do if !empty($error) is to redirect me to the authors_admin_action.php page along with the author id and $error. But it's not..
I'm aware that you can't have any HTML in the page or something for these php header redirects to work so I had commented out the include "includes/adminheader.inc.php" line as that does include HTML.
If anyone could help me I'd be really grateful.. P.S. I've only just started so all my tryouts lend themselves to when you EDIT an author's name...
Here's the code for the file that is responsible for sql insertion/editing + checking..
commit_authors.php
<?
// COMMIT ADD AND EDITS
// reset variable $error to empty (added for form validation)
$error = '';
//database connectivity include
include "../includes/dbinfo_test.inc.php";
include "includes/adminheader.inc.php";
?>
<style type="text/css">
<!--
@import url("../css/stylesadmin.css");
.style2 {
color: #FF0000;
font-weight: bold;
font-size: 12px;
}
-->
</style>
<?
switch ($_GET['action']) {
    case "edit":
        switch ($_GET['type']) {
            case "author":
                $author_name = trim($_POST['author_name']);
                if (empty($author_name)) {
                    $error .= "Please+enter+an+author+name%21%0D%0A";
                }
                if (empty($error)) {
                    $sql = "UPDATE author SET
                            authorname = '" . $_POST['author_name'] . "'
                            WHERE authorid = '" . $_GET['id'] . "'";
                } else {
                    // the below code doesn't redirect neither does it output any error - very odd
                    header("location:authors_admin_action.php?action=edit&error=" .
                        $error . "&id=" . $_GET['id'] );
                }
                break;
        }
        break;
    case "add":
        switch ($_GET['type']) {
            case "author":
                $sql = "INSERT INTO author
                        (authorname)
                        VALUES
                        ('" . $_POST['author_name'] . "')";
                break;
        }
        break;
}
// Tests that $sql is set and not empty
if (isset($sql) && !empty($sql)) {
    echo "<!--" . $sql . "-->"; // output $sql for debugging purposes (currently remmed out)
    // sending the results to the server.
    $result = mysql_query($sql) or die("Invalid query: " . mysql_error());
?>
<div id="Content">
    <span class="style2">Records changed:</span>
    <br />
    <hr />
    <? echo $sql ?>
    <br />
    <br />
</div>
<?php
}
?>
Here's the code for the file that lists the authors and allows you to EDIT or ADD.
authors_admin_action.php
<?
//database connectivity include
include "../includes/dbinfo_test.inc.php";
include "includes/adminheader.inc.php";
?>
<?
switch ($_GET['action']) {
    case "edit":
        $authorsql = "SELECT * FROM author WHERE authorid = '" . $_GET['id'] . "'";
        $result = mysql_query($authorsql) or die("Invalid query: " . mysql_error());
        $row = mysql_fetch_array($result);
        $author_name = $row['authorname'];
        break;
}
?>
<html>
<head>
    <title><?php echo $_GET['action']; ?> author</title>
    <style type="text/css">
    <!--
    @import url("../css/stylesadmin.css");
    -->
    </style>
</head>
<body>
<div id="Content">
    <form action=".././admin/commit_authors.php?action=<?php
        echo $_GET['action']; ?>&type=author&id=<?php
        if (isset($_GET['id'])) { echo $_GET['id']; } ?>" method="post">
        <?php
        if (!empty($_GET['error'])) {
            echo "<div align=\"center\" " .
                "style=\"color:#FFFFFF;background-color:#FF0000;" .
                "font-weight:bold\">" . nl2br(urldecode($_GET['error'])) .
                "</div><br />";
        }
        ?>
        <table border="0" width="500" cellpadding="3"
               cellspacing="1" bgcolor="#353535" class="style1">
            <tr>
                <td bgcolor="#FFFFFF" width="33%"><p><strong>Author(s) Name(s):</strong><br />
                </p></td>
                <td bgcolor="#FFFFFF" width="67%">
                    <input name="author_name" type="text"
                           value="<?php echo $author_name; ?>" size="46"></td>
            </tr>
            <tr>
                <td bgcolor="#FFFFFF" width="33%"></td>
                <td bgcolor="#FFFFFF" width="67%">
                    <input type="submit" name="SUBMIT" value="<?php echo $_GET['action']; ?>"></td>
            </tr>
        </table>
    </form>
</div>
</body>
</html>
Many thanks in advance...
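
The validate-then-redirect flow from the post above, as an added example that is not part of the original post: validation and header() run before any output, the update uses bound parameters, and the error text is HTML-escaped when shown. It assumes PHP 7.1+ and PDO in place of the mysql_* calls; the function names, the "error" CSS class and the in-memory SQLite data are constructed for illustration.

```php
<?php
// Added example, not the poster's code. Assumes PHP 7.1+ and PDO in place of mysql_*;
// table/column names (author, authorid, authorname) are taken from the post.

// Returns the redirect URL. http_build_query() URL-encodes each value, so the
// CR/LF in $error cannot end up raw inside the Location header.
function edit_form_url(int $id, string $error): string
{
    return 'authors_admin_action.php?' . http_build_query(
        ['action' => 'edit', 'error' => $error, 'id' => $id]
    );
}

// Returns a redirect URL when validation fails, or null after the update ran.
function commit_author_edit(PDO $db, array $get, array $post): ?string
{
    $id   = (int) ($get['id'] ?? 0);            // id is forced to an integer
    $name = trim($post['author_name'] ?? '');
    if ($name === '') {
        return edit_form_url($id, "Please enter an author name!\r\n");
    }
    // Bound parameters keep user input out of the SQL text.
    $stmt = $db->prepare('UPDATE author SET authorname = :name WHERE authorid = :id');
    $stmt->execute([':name' => $name, ':id' => $id]);
    return null;
}

// For the form page: $_GET values arrive already URL-decoded, so the message
// only needs HTML-escaping before it is echoed ("error" class is hypothetical).
function render_error(string $error): string
{
    return '<div class="error">' . nl2br(htmlspecialchars($error, ENT_QUOTES, 'UTF-8')) . '</div>';
}

// Constructed demo data: in-memory SQLite stands in for the MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE author (authorid INTEGER PRIMARY KEY, authorname TEXT)');
$db->exec("INSERT INTO author (authorname) VALUES ('Old Name')");

// Everything above the header() call must produce no output: no HTML include,
// no <style> block, no echo. $_GET/$_POST are replaced by constructed arrays here.
$target = commit_author_edit($db, ['id' => '1'], ['author_name' => '   ']);
if ($target !== null) {
    header('Location: ' . $target);  // fails once any output has been sent
    exit;                            // stop so the rest of the page does not run
}
echo 'Record updated';
```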