Short
During debug process I see that, all goes right. For debugging purposes, before
header('Location:'.wsurl.'me.php');
Asigning generated url
$redirect=wsurl.'me.php';
And Netbeans shows right url adress
But on browser windows getting this screen
http://img849.imageshack.us/img849/9861/c6949d6ea7ba47909d2cc37.png
And it doesn’t redirect to any url: just stays where it is.
Question
What prevents redirection?
Detailed
Here is full code of signin method
public function signin() {
if ($this->validation->check()) {
foreach ($_POST as $k => $v)
$$k = $v;
$stmt = $this->db->prepare("
SELECT u.id, u.fname, u.lname, u.mname, u.type, u.email, u.salt,
u.pass, u.salt, u.approved, u.ban, u2.status
FROM `users` AS u
LEFT OUTER JOIN `log` AS u2
ON u2.user_id = u.id
WHERE u.email = ? LIMIT 1") or die($this->db->error);
$stmt->bind_param("s", $email) or die($stmt->error);
$stmt->execute() or die($stmt->error);
$stmt->store_result();
$ip = ip2long($ip);
if ($stmt->num_rows > 0) {
$stmt->bind_result($id, $fname, $lname, $mname, $type, $email, $salt, $db_pass, $salt, $approved, $ban, $status) or die($stmt->error);
$stmt->fetch() or die($stmt->error);
$stmt->close();
if ($status != 1) {
if ($approved == 1) {
if ($ban == 0) {
$hash = hash('sha256', $salt . hash('sha256', trim($pass)));
if ($hash == $db_pass) {
$token = sha1(microtime(true) . mt_rand(10000, 90000));
if (isset($remember) && $remember == "on") {
$timeout = time() + 60 * 60 * 24 * COOKIE_TIME_OUT;
$stmt = $this->db->prepare("INSERT INTO `log` (`user_id`,`ip`, `token`, `timeout`, `status`,`signin_dt`) VALUES (?,?,?,?,1,NOW())") or die($db->error);
$stmt->bind_param("iiiii", $id, $ip, $token, $timeout) or die($stmt->error);
setcookie('auth', "$token", $timeout);
} else {
$stmt = $this->db->prepare("INSERT INTO `log` (`user_id`,`ip`, `status`,`signin_dt`) VALUES (?,?,1,NOW())") or die($db->error);
$stmt->bind_param("ii", $id, $ip) or die($stmt->error);
session_start();
session_regenerate_id(true); //this is a security measure
$_SESSION['user_id'] = $id;
$_SESSION['token'] = $token;
$_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
$_SESSION['remote_ip'] = $_SERVER['REMOTE_ADDR'];
}
$stmt->execute() or die($stmt->error);
$stmt->close();
$redirect=wsurl.'me.php';
header('Location: '.$redirect); die;
} else {
die($this->ajax->respond(3));
}
} else {
die($this->ajax->respond(4));
}
} else {
die($this->ajax->respond(5));
}
} else {
die($this->ajax->respond(6));
}
} else {
die($this->ajax->respond(7));
}
}
}
If
ajax_respond()sends output to the browser, you cannot follow that with aheader()call, since output will already have been sent. An AJAX response is not typically followed by any redirection, since the client browser is not intended to reload the page. Instead the AJAX response is processed in the page and no redirection takes place.