Auf Thema antworten 2026

Beitrag

<blockquote data-quote="JPS" data-source="post: 1787047" data-attributes="member: 293118">Hallo, das untenstehende Script habe ich in meine index.php included. Ist man nicht eingelogged zeigt es das Login Formular und wenn man sich einlogged halt Userinfos mit logout Möglichkeit. Soweit so gut.Logged man sich ein, macht header(&quot;Location: index.php&quot;);&nbsp; Probleme und es kommt die Meldung Cannot modify header....aktualisiert man dann die Seite dann geht es. Wie kann ich das Problem aus der Welt schaffen???[PHP]&lt;?php&nbsp; &nbsp; &nbsp; &nbsp; //Prevent the user visiting the logged in page if he/she is already logged in&nbsp; &nbsp; if(isUserLoggedIn()) {?&gt; &nbsp; &nbsp; &nbsp; &nbsp; &lt;div class=&quot;rundum&quot;&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;h1&gt;&lt;?php echo $loggedInUser-&gt;display_username; ?&gt;&lt;/h1&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;p&gt;&lt;br&gt;Willkommen im Member Bereich.&lt;/p&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;p&gt;Ihr Accountart: &lt;strong&gt;&lt;?php&nbsp; $group = $loggedInUser-&gt;groupID(); echo $group[&#039;Group_Name&#039;]; ?&gt;&lt;/strong&gt;&lt;/p&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;P&gt;&lt;br&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;a href=&quot;logout.php&quot;&gt;Logout&lt;/a&gt;&lt;br&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Profil bearbeiten&lt;br&gt;Passwort &amp;auml;ndern&lt;br&gt;e-Mail &amp;auml;ndern&lt;/P&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;/div&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;?php } else {//Forms postedif(!empty($_POST)){&nbsp; &nbsp; &nbsp; &nbsp; $errors = array();&nbsp; &nbsp; &nbsp; &nbsp; $username = trim($_POST[&quot;username&quot;]);&nbsp; &nbsp; &nbsp; &nbsp; $password = trim($_POST[&quot;password&quot;]);&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; //Perform some validation&nbsp; &nbsp; &nbsp; &nbsp; //Feel free to edit / change as required&nbsp; &nbsp; &nbsp; &nbsp; if($username == &quot;&quot;)&nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $errors[] = lang(&quot;ACCOUNT_SPECIFY_USERNAME&quot;);&nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; if($password == &quot;&quot;)&nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $errors[] = lang(&quot;ACCOUNT_SPECIFY_PASSWORD&quot;);&nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; //End data validation&nbsp; &nbsp; &nbsp; &nbsp; if(count($errors) == 0)&nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; //A security note here, never tell the user which credential was incorrect&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; if(!usernameExists($username))&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $errors[] = lang(&quot;ACCOUNT_USER_OR_PASS_INVALID&quot;);&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; else&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $userdetails = fetchUserDetails($username);&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; //See if the user&#039;s account is activation&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; if($userdetails[&quot;Active&quot;]==0)&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $errors[] = lang(&quot;ACCOUNT_INACTIVE&quot;);&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; else&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; //Hash the password and use the salt from the database to compare the password.&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $entered_pass = generateHash($password,$userdetails[&quot;Password&quot;]);&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; if($entered_pass != $userdetails[&quot;Password&quot;])&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; //Again, we know the password is at fault here, but lets not give away the combination incase of someone bruteforcing&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $errors[] = lang(&quot;ACCOUNT_USER_OR_PASS_INVALID&quot;);&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; else&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; //Passwords match! we&#039;re good to go&#039;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; //Construct a new logged in user object&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; //Transfer some db data to the session object&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $loggedInUser = new loggedInUser();&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $loggedInUser-&gt;email = $userdetails[&quot;Email&quot;];&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $loggedInUser-&gt;user_id = $userdetails[&quot;User_ID&quot;];&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $loggedInUser-&gt;hash_pw = $userdetails[&quot;Password&quot;];&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $loggedInUser-&gt;display_username = $userdetails[&quot;Username&quot;];&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $loggedInUser-&gt;clean_username = $userdetails[&quot;Username_Clean&quot;];&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; //Update last sign in&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $loggedInUser-&gt;updateLastSignIn();&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $_SESSION[&quot;userCakeUser&quot;] = $loggedInUser;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; //Redirect to user account page&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; header(&quot;Location: index.php&quot;);&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; die();&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; }?&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;?php&nbsp; &nbsp; &nbsp; &nbsp; if(!empty($_POST))&nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; ?&gt;&nbsp; &nbsp; &nbsp; &nbsp; &lt;?php&nbsp; &nbsp; &nbsp; &nbsp; if(count($errors) &gt; 0)&nbsp; &nbsp; &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; ?&gt;&nbsp; &nbsp; &nbsp; &nbsp; &lt;div id=&quot;errors&quot;&gt;&nbsp; &nbsp; &nbsp; &nbsp; &lt;?php errorBlock($errors); ?&gt;&nbsp; &nbsp; &nbsp; &nbsp; &lt;/div&gt;&nbsp; &nbsp;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;?php&nbsp; &nbsp; &nbsp; &nbsp; } }&nbsp; &nbsp; &nbsp; &nbsp; ?&gt; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;div class=&quot;rundum&quot;&gt;&lt;h1&gt;Login&lt;/h1&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;form name=&quot;newUser&quot; id=&quot;customForm&quot; action=&quot;&lt;?php echo $_SERVER[&#039;PHP_SELF&#039;] ?&gt;&quot; method=&quot;post&quot;&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;p&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;label&gt;Benutzer:&lt;/label&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;input type=&quot;text&quot; name=&quot;username&quot; /&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;/p&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;p&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp; &lt;label&gt;Passwort:&lt;/label&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp; &lt;input type=&quot;password&quot; name=&quot;password&quot; /&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;/p&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;p&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;label&gt;&amp;nbsp;&lt;/label&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;input type=&quot;submit&quot; id=&quot;send&quot; value=&quot;Login&quot; class=&quot;submit&quot; /&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;/p&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;/form&gt;&lt;br /&gt;&lt;p&gt;&lt;a href=&quot;forgot-password.php&quot;&gt;Password vergessen?&lt;/a&gt;&lt;/p&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;/div&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;?php } ?&gt;[/PHP]</blockquote>

[QUOTE="JPS, post: 1787047, member: 293118"] Hallo, das untenstehende Script habe ich in meine index.php included. Ist man nicht eingelogged zeigt es das Login Formular und wenn man sich einlogged halt Userinfos mit logout Möglichkeit. Soweit so gut. Logged man sich ein, macht header("Location: index.php"); Probleme und es kommt die Meldung Cannot modify header....aktualisiert man dann die Seite dann geht es. Wie kann ich das Problem aus der Welt schaffen??? [PHP] <?php //Prevent the user visiting the logged in page if he/she is already logged in if(isUserLoggedIn()) {?> <div class="rundum"> <h1><?php echo $loggedInUser->display_username; ?></h1> Willkommen im Member Bereich. Ihr Accountart: <?php $group = $loggedInUser->groupID(); echo $group['Group_Name']; ?> <a href="logout.php">Logout</a> Profil bearbeiten Passwort ändern e-Mail ändern </div> <?php } else { //Forms posted if(!empty($_POST)) { $errors = array(); $username = trim($_POST["username"]); $password = trim($_POST["password"]); //Perform some validation //Feel free to edit / change as required if($username == "") { $errors[] = lang("ACCOUNT_SPECIFY_USERNAME"); } if($password == "") { $errors[] = lang("ACCOUNT_SPECIFY_PASSWORD"); } //End data validation if(count($errors) == 0) { //A security note here, never tell the user which credential was incorrect if(!usernameExists($username)) { $errors[] = lang("ACCOUNT_USER_OR_PASS_INVALID"); } else { $userdetails = fetchUserDetails($username); //See if the user's account is activation if($userdetails["Active"]==0) { $errors[] = lang("ACCOUNT_INACTIVE"); } else { //Hash the password and use the salt from the database to compare the password. $entered_pass = generateHash($password,$userdetails["Password"]); if($entered_pass != $userdetails["Password"]) { //Again, we know the password is at fault here, but lets not give away the combination incase of someone bruteforcing $errors[] = lang("ACCOUNT_USER_OR_PASS_INVALID"); } else { //Passwords match! we're good to go' //Construct a new logged in user object //Transfer some db data to the session object $loggedInUser = new loggedInUser(); $loggedInUser->email = $userdetails["Email"]; $loggedInUser->user_id = $userdetails["User_ID"]; $loggedInUser->hash_pw = $userdetails["Password"]; $loggedInUser->display_username = $userdetails["Username"]; $loggedInUser->clean_username = $userdetails["Username_Clean"]; //Update last sign in $loggedInUser->updateLastSignIn(); $_SESSION["userCakeUser"] = $loggedInUser; //Redirect to user account page header("Location: index.php"); die(); } } } } } ?> <?php if(!empty($_POST)) { ?> <?php if(count($errors) > 0) { ?> <div id="errors"> <?php errorBlock($errors); ?> </div> <?php } } ?> <div class="rundum"><h1>Login</h1> <form name="newUser" id="customForm" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post"> <label>Benutzer:</label> <input type="text" name="username" /> <label>Passwort:</label> <input type="password" name="password" /> <label> </label> <input type="submit" id="send" value="Login" class="submit" /> </form> <a href="forgot-password.php">Password vergessen?</a> </div> <?php } ?> [/PHP] [/QUOTE]

Bilder bitte hier hochladen und danach über das Bild-Icon (Direktlink vorher kopieren) platzieren.

Authentifizierung

Wenn ★ = 12, ◇ = 4 und die Hälfte von ★ zu ◇ addiert wird, was ist das Ergebnis?