True If statement not Going to Header Page

[mfleming]

Hi.

 

I have a simple change password form, when checked and verified and submitted the user is directed to a different web page. 

I'm getting all the true statements echoed out, but it doesn't go to the go to the next web page.

		// Thank you Page
	$insertGoTo = "changepass.php";
	header(sprintf("Location: %s", $insertGoTo));	

 

My thought was ounce you get through the while statement without errors you should be able to move to the next check of the actual database... which it does, and it updates the database with the new values.  It also echos out Continue 6....

		echo "True - Continue 6 GO TO HEADER PAGE";
	// Thank you Page
	$insertGoTo = "changepass.php";
	header(sprintf("Location: %s", $insertGoTo));	

 

What am I missing here? 

 

 

Code:

<?php
session_start();
?>
<?php
$submit = $_POST['submit'];
// Form Data
$email = $_POST['email'];
$password_old = $_POST['password_old'];
$password_new = $_POST['password_new'];
$password_new_con = $_POST['password_new_con'];
$errorcount = 0;

// Edit anything inbetween the " " for the display error message
$errormsg['Email'] = "Email Entered is not in our database"; 
$errormsg['OldPass'] = "Old Password Entered is Incorrect. Please check your Email";
$errormsg['NewPass'] = "New Password must be between 6 and 32 characters";
$errormsg['NewPassCon'] = "New Passwords do not match.";
$errormsg['SecCode'] = "Security Code is Invalid";
$errormsg['dbPass'] = "Invalide Email or activation code. 
										Please Contact <a href='mailto:webmaster@fusionfashionhair.com?subject=Fusion Fashion Hair - 
										Member Activation Error%20Request'>Admin</a>";
$errormsg['NoErr'] = "No Errors, Continue";
$errormsg['PlaceHold'] = "";

$errortrack[] = $errormsg['PlaceHold'];

if ($_POST[submit]){
	if ($errorstop = "go") {
	$errorstop="go";
	while ($errorstop<>"stop") {
		//Check for security code
		if ($_SESSION[key]==$_POST[user_code]){ 
			echo "True - Continue 0";
			echo "<p>----------</p>";
			$_SESSION[key]='';
		} else {
			echo "False - Stop 0";
			$errortrack[] = $errormsg['SecCode'];
			$errorcount++;
			$errorstop="stop";
		}
		// check for existance
		if (!checkEmail($email)) {
			echo "False - Stop 1";
			$errortrack[] = $errormsg['Email'];
			$errorcount++;
			$errorstop="stop";				
		} else {
			echo "True - Continue 1";
			echo "<p>----------</p>";
		}
		// check for existance
		if (strlen($password_old)>5) {
			echo "True - Continue 2";
			echo "<p>----------</p>";
		} else {
			echo "False - Stop 2";
			$errortrack[] = $errormsg['OldPass'];
			$errorcount++;
			$errorstop="stop";
		}		
		// check for existance
		if (strlen($password_new)>32||strlen($password_new)<6) {
			echo "False - Stop 3";
			$errortrack[] = $errormsg['NewPass'];
			$errorcount++;
			$errorstop="stop";
		} else {
			echo "True - Continue 3";
			echo "<p>----------</p>";
		}		

		// check for existance
		if ($password_new_con==$password_new) {
			echo "True - Continue 4";
			echo "<p>----------</p>";
			$errorstop="stop";//Get Out of loop
		} else {
			echo "False - Stop 4";
			$errortrack[] = $errormsg['NewPassCon'];
			$errorcount++;
			$errorstop="stop";
		}
	}//End While Loop


	// Check database
	require('dbConfig.php');
	// Encrypts old password to check with Database Encryped Password
	$password_old = md5($password_old);

	$check = mysql_query("SELECT * FROM {$usertable} WHERE email='$email' AND password='$password_old'");
	$checknum = mysql_num_rows($check);
	if ($checknum==1) {
		echo "True - Continue 5 Set password";
		echo "<p>----------</p>";
		// Encrypts new password
		$password = md5($password_new);
		//run a query to update the account
		$acti = mysql_query("UPDATE {$usertable} SET password='$password' WHERE email='$email'");	
	} else {
		echo "False - Stop 5";
		$errortrack[] = $errormsg['dbPass'];
		$errorcount++;
		$errorstop="stop";
	}//End if checknum

	echo "True - Continue 6 GO TO HEADER PAGE";
	// Thank you Page
	$insertGoTo = "changepass.php";
	header(sprintf("Location: %s", $insertGoTo));	
	} else {
		while($errorcount>=0) {
			// Test display all error messages
			echo "<p>----------</p>";
			echo "<p>Error Count = '$errorcount'</p>";
	}
	die ("PLEASE FILL IN ALL FIELDS");	
}
}
?>
<?php

// LINUX PLATFORM OPTION 3

// checkEmail function checks standard email format same as preg_match()
// checkEmail function checks DSN records using checkdnsrr  Use list() to seperate name and domain using split function
// checkdnsrr ONLY WORKS on LINUX PLATFORM
// Check to see if domain and username is active
// uses fsockopen() to check if its in use using port 25
function checkEmail($email) {
// checks proper syntax
if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/" , $email)) {

	// gets domain name
	list($username,$domain)=split('@',$email);
	// checks for if MX records in the DNS
	if(!checkdnsrr($domain, 'MX')) {
		return false;
	}
	return true;
}
return false;
}
?>

[Vitamin]

don't echo anything before the header statement.

 

from the php documentation.

http://php.net/manual/en/function.header.php

 

Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP. It is a very common error to read code with include(), or require(), functions, or another file access function, and have spaces or empty lines that are output before header() is called. The same problem exists when using a single PHP/HTML file.

[mfleming]

I was echo for error testing only.  I'll remove them and see what happens.  (I'm not getting any Header errors so I assumed no white space was entered )

[mfleming]

ok I just finished reading teh HEADER ERRORS - READ HERE prior to this and I guess I didn't understand it completely.  Removing the echo's worked!

 

Thanks

[Vitamin]

Yep no problem.  The first time I ran into that problem I wanted to pull my hair out.