Forum Moderators: coopster

Message Too Old, No Replies

Dreamweaver scripts using header redirect are stalling

         

bobcox

11:48 am on Nov 6, 2011 (gmt 0)

10+ Year Member



I am in the process of moving a site from one host to another. I use a number of standard Dreamweaver scripts that use php header (e.g user login, add data to database etc.) to redirect to another page e.g header('Location: newpage.php');

All the scripts work perfectly on the 'old' host, but stall on the 'new' host (note that I have not altered the scripts in any way). No errors are thrown - the page just sits there!

Frustratingly the 'new' host's tech support ( huh lol!) will not accept that the problem is with them; they just say check the code with the manufacturer.

I have just about given up with them so will change host again. But I would appreciate it if anyone has either experienced this or can guess at the cause could help.

Readie

4:17 pm on Nov 6, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Could you post an example of a script that is stalling please? Without seeing the code we can only speculate.

bobcox

10:10 am on Nov 7, 2011 (gmt 0)

10+ Year Member



Readie

Thanks for your response but I didn't post code as I know there is nothing wrong with the codes. Being standard Dreamweaver output (unaltered) they run on millions of servers/domains. I use them frequently.

The identical scripts are currently running correctly on another host's servers (I was moving files/domain for another reason). They run on my localhost server (Apache via Xammp). They run on other domains on the same host's servers but for some reason they fail on this particular domain.

If it was anything do do with php version, I'm sure Adobe would have been inundated with queries.

I don't want anyone to spend time on trying to debug working scripts.

I just wondered whether anyone had encountered any similar event.

I won't be spending any more time with this particular host - I will move the domain.

rocknbil

5:21 pm on Nov 7, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Well, welcome aboard Bob but Readie is correct - there may be nothing wrong with this host but the environment has changed and it may take just a small tweak to make it work. What if your next host shows the same problem? You also didn't relate the O.S. of your old and new server (probably not real relevant.)

The problem with WYSIWYG editors - ESPECIALLY for modifying PHP - is that often, especially DW, they will include local paths in their configuration. It could be something as simple as a difference in path configuration. Understanding the problem may be much more simple than nuking it all until you find an environment that works for you.

bobcox

7:00 pm on Nov 7, 2011 (gmt 0)

10+ Year Member



Thanks for the reply- well if you really want to use up your time an example code is below.

I reiterate, there are many scripts failing on this domain (all which should redirect using the 'header' function to another page). I have placed the identical script - note identical, on another domain on the same hosting company - it works. Similar scripts work on other domains which I manage on the same hosting company and on other hosts.

I am aware of problems with local vs absolute but have been doing this long enough to have checked that all out. The files which are failing have been copied unaltered (they do not need any modification as all filenames, database names etc etc are the same) from another server on which they are working.

Here is an example produced directly by DW - this works on several other domains which I have worked on over the years.

<?php require_once('../Connections/dynPC.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['user'])) {
$loginUsername=$_POST['user'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "user_type";
$MM_redirectLoginSuccess = "admin.php";
$MM_redirectLoginFailed = "tryagain.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_dynPC, $dynPC);

$LoginRS__query=sprintf("SELECT username, password, user_type FROM users WHERE username=%s AND password=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));

$LoginRS = mysql_query($LoginRS__query, $dynPC) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {

$loginStrGroup = mysql_result($LoginRS,0,'user_type');

//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;

if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Dedham Parish Church Website Admin Area</title>
<link href="admin.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div align="center" id="open"> Dedham
Parish Church Website Admin Area.
</div>
<h1 align="center">Please login</h1>
<form ACTION="<?php echo $loginFormAction; ?>" name="login" id="login" method="POST">
<table width="30%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="right"><label for="textfield">User Name</label></td>
<td>&nbsp;</td>
<td><input type="text" name="user" id="user" /></td>
</tr>
<tr>
<td align="right"><label for="textfield">User Password</label></td>
<td>&nbsp;</td>
<td><input type="password" name="password" id="password" /></td>
</tr>
</table>
<p align="center"><label for="textfield"></label>
<input type="submit" name="Submit" value="Login" id="Submit" />
</p>
</form>

</body>
</html>

rocknbil

5:03 pm on Nov 8, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Try hard coding this.

$loginFormAction = $_SERVER['PHP_SELF'];

PHP_SELF has long been known to have vulnerabilities (which is different than the old deprecated/disabled global $PHP_SELF.) You **could** try $_SERVER['SCRIPT_NAME']

$loginFormAction = $_SERVER['SCRIPT_NAME'];

... but 1) that will report the full domain path (/script.php, with the slash, which is usually a good thing) and 2) I try not to rely on environment variables in case those get hacked somehow. As a test, hard code it to the script's name.

$loginFormAction = 'yourscript.php';

I'd also look at this:

$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

And temporarily comment it out, allowing $theValue to pass raw.

The two of these in combination with your original problem tell me that you've moved to a new server with the latest software and **something** in these deprecated functions/methods is disabled in the new server configuration. I'd pull a phpinfo() on both sites and compare.

You can also add this at the top of the script (temporarily,) newer servers don't report errors/warnings automatically as a security precaution (a hacker can cause your script to error, and these errors reveal information about the server.)

error_reporting(E_ALL);

bobcox

1:43 pm on Nov 9, 2011 (gmt 0)

10+ Year Member



Thanks rocknbil for taking the time and trouble to look through the code. Unfortuantely your suggestions make no difference.

Whilst I am new to this forum, I am not new to coding and have been using Dreamweaver for some 12 years or more. It is not commercially viable for me to hard code when an fairly expensive and very widespread tool allows for single click creation of standard fuctionality. I only have time to code when additional functionality is required by client. Adobe would not have their reputation if their code failed easily or widely.

I had already compared phpinfo() and advised the hosting company that there is a difference in environment variables (_REQUEST["PHPSESSID"]
and _COOKIE["PHPSESSID"]
not set and differing setting for _ENV["HTTP_COOKIE"]
)on what they say is the same virtual server hosting two domains, on one of which the code operates the other fails.
But the Namesco (there I've named them!) tech support are clearly not interested in investigating.

Error reporting is enabled on the server as I can provoke an error message - again nothing from the stalling code.

I have no more time to use on this so will be moving host so please don't spend any more of your time on this.

Thanks

enigma1

8:00 pm on Nov 10, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Here is an example produced directly by DW - this works on several other domains which I have worked on over the years.


Is this the redirect code you refer to?


if (isset($_SESSION['PrevUrl']) && false ) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
.........


So this generator or whatever you call it, emits redirect headers but doesn't even bother to exit the PHP script right? So the code flow goes right through the HTML subject to the host speed perhaps. You may want to take it up with adobe. IMO you should dump dw and use some plain text editor to edit scripts.

g1smd

7:30 am on Nov 11, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Are you sure that you're wanting a 302 redirect at that point?

bobcox

11:47 am on Nov 12, 2011 (gmt 0)

10+ Year Member



Thanks everyone - seems to be degenerating into 'we hate DW and prefer Notepad'

Consider this closed.