Page 1 of 2 12 LastLast
Results 1 to 10 of 15
  1. #1
    Join Date
    Jun 2008
    Posts
    9

    PHP header location script not playing nice with Godaddy

    I first want to say thank you for a great set of intro to PHP set of video tutorials. It was a great refresher course for someone who hasn't messed with anything more than really simple php scripts in a while.

    I had no problem making the scripts and web pages all work on my own local machine but when I tried uploading them to Godaddy I ran into a problem.

    The problem seems to be when I do the following:
    header('Location:'.$_SERVER('PHP_SELF'));


    Godaddy gives me a error similar to this:

    Warning: Cannot modify header information - headers already sent by (output started at /home/content/u/s/e/username/html/file.php:2) in /home/content/u/s/e/username/html/file.php on line 4

    Godaddy says to: "To resolve this error remove the lines from the PHP code that are printing to the browser prior to sending headers."

    Other websites say to find and delete white space after the closing php tag.

    I am unable to figure out a way to get the scripts to still work and do what Godaddy says to do. As for white space, I believe I've done that with notepad.

    Therefore I am currently out of ideas. If anyone else has one, I would be grateful.

  2. #2
    Join Date
    Mar 2006
    Location
    South Australia
    Posts
    4,521
    And can we see your code?

    The error should give it away though. Line 2 of your code is sending some output to the browser, so when you do the header() call on line 4 it fails because output has already been sent.

  3. #3
    Join Date
    Jun 2008
    Posts
    9
    It states the error is on the line where I put in a comment above the header in this code:
    <?php
    include('admin.php');

    if (isset($_POST['form_sub']))
    {
    if (isset($_POST['featured']))
    {
    $featured = $_POST['featured'];
    }
    else
    {
    $featured = 0;
    }

    if (isset($_POST['active']))
    {
    $active = $_POST['active'];
    }
    else
    {
    $active = 0;
    }

    //Prevents Quotes from wrecking code
    $title = str_replace('"', '\"', $_POST['title']);
    $short_description = str_replace('"', '\"', $_POST['short_description']);
    $description = str_replace('"', '\"', $_POST['description']);
    $display_order = str_replace('"', '\"', $_POST['display_order']);

    if ($_POST['item_id'] > 0)
    {
    //update record
    $query = 'UPDATE products SET
    title = "'.$title.'",
    short_description = "'.$short_description.'",
    description = "'.$description.'",
    featured = "'.$featured.'",
    active = "'.$active.'",
    display_order = "'.$display_order.'"
    WHERE autoid = "'.$_POST['item_id'].'"
    ';

    }
    else
    {
    //add new record
    $query = 'INSERT INTO products (
    title,short_description,description,featured,activ e,display_order
    ) VALUES (
    "'.$title.'",
    "'.$short_description.'",
    "'.$description.'",
    "'.$featured.'",
    "'.$active.'",
    "'.$display_order.'"
    )';
    }

    //Error check
    if (!mysql_query($query, $db_link))
    {
    echo mysql_error();
    exit;
    }

    //Prevents refreshing duplication
    header('Location: '.$_SERVER['PHP_SELF']);
    exit;
    }

    if (isset($_GET['delete_id']))
    {
    $query = 'DELETE FROM products WHERE autoid ="'.$_GET['delete_id'].'"';

    if (!mysql_query($query, $db_link))
    {
    echo mysql_error();
    exit;
    }

    //Prevents delete_id from staying on address bar
    header('Location: '.$_SERVER['PHP_SELF']);
    exit;
    }
    ?>


    It also states the same error, just the line above the header when I try to delete as well. It does send the changes to the database and updates the table though. I also have noticed godaddy does not like my string replace code to prevent double quotes from wrecking the script.

    Thank you for the quick reply.

  4. #4
    Join Date
    Mar 2006
    Location
    South Australia
    Posts
    4,521
    What is in admin.php?

    Looks like the file you are including has outputting something. This could be an echo/print statement, or like those other pages say: whitespace at the end of the file.

  5. #5
    Join Date
    Jun 2008
    Posts
    9
    Quote Originally Posted by mr_charisma View Post
    What is in admin.php?
    White space

    I feel like a fool. Found it late.. err.. early in the morning. Thank you for your help.

    Now to move on to the other problem, only other problem fortunately, which is the quotes are wrecking the code when included in an entry.

  6. #6
    Join Date
    Sep 2008
    Posts
    2
    Thank you 'ferds7' for bringing this up, i'm playing with this code for hours now and could not figure out the problem until i decided to bring it up on the forum and found this thread here.
    Turns out my problem was the same as yours, leaving the extra white space on the include file....

    But i have one more issue with this code, if someone can help me out here.
    When i'm running this block

    $title = str_replace('"', '\"', $_POST['title']);
    $short_description = str_replace('"', '\"', $_POST['short_description']);
    $description = str_replace('"', '\"', $_POST['description']);
    $display_order = str_replace('"', '\"', $_POST['display_order']);

    This is supposed to backslash out all the quotes in the form but it turns out that this is actually breaking my code when double-quotes are used in the form, and they work fine without this block of code, it seems that all the quotes are backslashed automatically, and when i try to mess with it by adding my own backslash i get an error.

    What am I missing here?
    Last edited by hershy11211; 10-07-2008 at 01:48 PM.

  7. #7
    Join Date
    Apr 2004
    Location
    Nr London, UK
    Posts
    831
    eeeeeeeew.

    essentially you are just trying to mimic addslashes, I'd just use the php built in one - will be faster

    If you want to escape a string completely:

    http://uk3.php.net/trim
    http://uk3.php.net/strip_tags
    http://uk3.php.net/htmlspecialchars
    http://uk3.php.net/addslashes

    $cleanTitle = addslashes(htmlspecialchars(strip_tags(trim($_POST['title']))))

    If you are then going to put this into a database run:

    mysql_real_escape_string() on it too

  8. #8
    Join Date
    Sep 2008
    Posts
    2
    lol
    Well... I am completely new to PHP and programing so this is all new to me.
    I was just following the VTM, and now that i did some research on those functions you gave me, I cant believe how this VTM guy made two complete rookie mistakes,
    first he used this complicated code instead of the php built in one, and second magic_quotes_gpc which is on by default and it essentially runs addslashes on all GET POST data, and by escaping you're actually double escaping....
    Last edited by hershy11211; 10-07-2008 at 06:48 PM.

  9. #9
    Join Date
    Apr 2004
    Location
    Nr London, UK
    Posts
    831
    Quote Originally Posted by hershy11211
    ...second magic_quotes_gpc which is on by default and it essentially runs addslashes on all GET POST data, and by escaping you're actually double escaping....
    Never ever Rely or write code that relies on magic_quotes_gpc - its just eugh. Yes its nice that it is there as an extra layer of protection, but its not worth the risk in just hoping it is on.

    As for the VTMs, I watched the original ones way back but dont remember encountering this, but as for that code block - it should work as you wrote it but again but what if you used single quotes?, its just str_replace will be slower than addslashes. that is, as much as I am aware (but it may be negligible)

  10. #10
    Join Date
    Jun 2008
    Posts
    9
    Quote Originally Posted by hershy11211 View Post
    But i have one more issue with this code, if someone can help me out here.
    When i'm running this block

    $title = str_replace('"', '\"', $_POST['title']);
    $short_description = str_replace('"', '\"', $_POST['short_description']);
    $description = str_replace('"', '\"', $_POST['description']);
    $display_order = str_replace('"', '\"', $_POST['display_order']);

    This is supposed to backslash out all the quotes in the form but it turns out that this is actually breaking my code when double-quotes are used in the form, and they work fine without this block of code, it seems that all the quotes are backslashed automatically, and when I try to mess with it by adding my own backslash i get an error.

    What am I missing here?
    So were you able to solve it with Martinco's suggestions? I spent quite a while trying to figure it out as well.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •