Doing away with Output Buffering

Question

My login script is something like this, usually included on top of the login form:

<?php
if(isset($_POST['login']))
{
    require_once("dbconfig.php");
    $email=$_POST["username"];
    $password=$_POST["password"];
    $password=md5("$pass");
    $msg="";
    if ($email==""){
        $msg=$msg."You didn't enter your Username.<br/>";
        $fstatus= "NOTOK";}
        if ($pass==""){
            $msg=$msg."You didn't enter your Password.";
            $fstatus= "NOTOK";}
            if($fstatus=="NOTOK"){ 
                echo "<div class=error>$msg</div>";
            }
            else{
                $logincheck=mysql_query("SELECT id FROM users WHERE username='$email' AND password='$password' limit 1");
                if(mysql_num_rows($logincheck)==0)
                {
                    echo "<div class=error>Invalid login: wrong username or password.</div>";
                }
                else
                {
                    $_SESSION['XYZ']= TRUE;
                    header("Location:member-page.php");
                }
            }
        }
    }
}
?>

To get the redirection to work, I usually use an htaccess file with the instruction PHP_FLAG output_buffering on. But this doesn't work on some servers. I understand that it is possible to do away with the htaccess file, how do I re-write the login script to make the redirection work.

Answer 1

You can just put...

<?php
    ob_start();

as the very first thing in your file (and make sure there's nothing else before the PHP code). This will turn on output buffering without a need for a .htaccess file.