0

I'm having issues to send an occuring error to another page. I have already created the page the error will be sent to, and I've tried a header function. But that doesn't seem to work. Here is the php code that I am using for the page. 

<?php


if(isset($_POST['username'], $_POST['password'])){

    //login the user here
     $connect = mysql_connect("","","")or die(mysql_error());
     mysql_select_db("")or die(mysql_error());

    $errors = array();


    $username = strip_tags(mysql_real_escape_string($_POST['username']));
    $password = strip_tags(mysql_real_escape_string($_POST['password']));


    if (empty($Regi_Username) || empty($Regi_password)) {
        $errors[] = 'All fields are requerid';

    } else {

    if (strlen($Regi_Username) > 25) {
        $errors[] = 'Username is to long';

    }

    if (strlen($password) > 25) {
        $errors[] = 'Password is to long';
    }
}

         $password = md5($_POST['password']);

         $loginquery = "SELECT * FROM regi WHERE username='$username' and password='$password'" or die(mysql_error());
         $result = mysql_query($loginquery);
         $count = mysql_num_rows($result);

         mysql_close();
         if($count==1){
            $seconds = 2000 + time();
            setcookie(loggedin, date("F jS - g:i a"), $seconds);
            header("location:member.php");
        } else {
           echo 'Wrong username and password please try agian.';
      }
     }
?>
Improve this question
5
  • 1
    You should consider to use SESSION to store the login with instead of just using COOKIES. Not all like to store such files on the machine and some are not able too. Code should almost fit - And do you get any errors at all? Commented Nov 14, 2012 at 7:34
  • My error display when I press the button, but I want them to go to onther error page. Commented Nov 14, 2012 at 7:37
  • Is there any HTML before your PHP code, and do you have any errors in the web server log? Commented Nov 14, 2012 at 7:44
  • md5($_POST['password']) why, WHY? While better than plaintext it is still completely unacceptable to store unsalted MD5 hashes. You know what happens when someone gets access to your user database? He'll use rainbow tables to get plaintext passwords for many of your users. And lots of users are stupid enough to use the same password on multiple sites. So... always use salted hashes! Commented Nov 14, 2012 at 7:48
  • 100% agreed with @Jacta comment. +1 Commented Nov 14, 2012 at 8:03

3 Answers 3

Reset to default
3

Pass the GET variable in your URL like..

header('Location:page.php?err=1');
exit;

On the other page use this

if(isset($_GET['err'] && $_GET['err'] == 1) {
   echo 'Error Occured';
}
Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

Just want my error go to onther page that I have style all of them
@kalleJohansson So try this na..I already gave you the solution
@kalleJohansson Just saw your profile, you really need to accept the correct answers on the questions you ask
@jackflash How can you fake an error? you are not passing any error string in GET, so he simply cannot fake, and if you change the error no, it wont simply echo anything...answer is not wrong, it is upto him what approach he wants to use...
@jackflash Did you read my comment perfectly? It said you really need to accept the correct answers on the questions you ask, I didn't said mark my answer as correct
|
1

Here is a session based approach. This is the best way to pass messages from one page to another as they are stored in the user's session (a piece of data related to each user and stored in the server side) and not in the browser (like cookies or URL GET parameters, which can be easily corrupted), so it is really quite harder to manipulate the messages from 3rd parties.

Page process.php:

<?php
// Very top of your page
session_start();
$_SESSION['errors'] = array();
// Do stuff now...
// ...
// Hey it's a X error!
$_SESSION['errors']['X'] = 'Message for X error';
// Continue doing stuff...
// ...
// OMG! It's a Y error now!
$_SESSION['errors']['Y'] = 'Message for Y error';
// Keep doing stuff till you're done...
// All right, process is finished. Any Errors?
if (count($_SESSION['errors']) > 0) {
    // It seems there's been any errors
    // time to redirect to error-displaying page
    header('Location: error-page.php');
    exit;
}

Page error-page.php:

<?php
// Very top of your page
session_start();
// Let's check if there is any error stored in the session.
// In the case no errors found, it is better to redirect to another page...
// ...why anybody would end in this page if no errors were thrown?
if (!isset($_SESSION['errors']) || !is_array($_SESSION['errors']) || empty($_SESSION['errors'])) {
    header('Location: home.php');
    exit;
}
// If we reach this point it means there's at least an error
foreach ($_SESSION['errors'] as $errorCode => $errorMessage) {
    // Here we can display the errors...
    echo '<p>Error ', $errorCode, ': ', $errorMessage, '</p>', PHP_EOL;
}
// You can also do stuff only if a certain error is received
if (array_key_exists('X', $_SESSION['errors'])) {
    // Error `X` was thrown
    echo '<p>Oh no! It seems you suffered a X error!!</p>', PHP_EOL;
    echo '<a href="home.php">Click here to go back home.</a>', PHP_EOL;
}
// At the end you should to remove errors from the session
$_SESSION['errors'] = array();
// or
unset($_SESSION['errors']);
Improve this answer

Comments

0

You could use Alien's method, but it'd better if you use Session:

// Assume you init the session already; Use json_encode since you use array for $errors
$_SESSION['errors_msg'] = json_encode($errors);
header("location:member.php");
// Remember to exit here after we call header-redirect
exit;

Besides, there are a lot of problems is your currently code:

  1. Use salt for hashing password
  2. Use mysqli over mysql
  3. Filtering input, escaping output
  4. .. Read other recommendations here in this topic ..
  5. Please read http://www.phptherightway.com/. There is a lot of right recommendation (of course not all) for PHP.
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.