php - Why is my web not redirecting after Google Login

Question

I have a web application that requires the user to login using their google account.However,after i logged in,it doesn't redirect me to another page.It stayed at the login page.

Before Login:

After Login:

I have tried using php Header() function but it did not redirect me.Am I missing anything out?

<?php
ob_start();
session_start();

require_once 'google-api-php-client-2.2.2/vendor/autoload.php';


$conn = new mysqli("localhost","root","","labelimagetool");
if($conn->connect_error){
    die("Connection failed: ".$conn->connect_error);
    echo 'Unable to connect to db!';
}
else{
    echo 'Connected to db!';
}

$redirect_uri = 'http://localhost/labelimagetool/tool.php';

$client = new Google_Client();
$client->setClientId($client_id);
$client->setClientSecret($client_secret);
$client->setDeveloperKey($api_key);
$client->setRedirectUri($redirect_uri);
//$service = new Google_Service_Oauth2($client);
$client->addScope(Google_Service_Oauth2::USERINFO_EMAIL);
$client->setAccessType('offline');        // offline access
$client->setIncludeGrantedScopes(true); 
//$client->authenticate(isset($_GET['code']));
//$client->authenticate($code); 

$plus = new Google_Service_Plus($client);

if(isset($_REQUEST['logout'])){
    session_unset();
}
if(isset($_GET['code'])){
    $client->authenticate($_GET['code']);
    $_SESSION['access_token'] = $client->getAccessToken();
    $redirect = 'http://'.$_SERVER['HTTP_HOST'].'/tool.php';
    header('Location:'.filter_var($redirect,FILTER_SANITIZE_URL));  
    exit();
}
else{
    echo "no value";
}

if(isset($_SESSION['access_token']) && $_SESSION['access_token']){

    $client->setAccessToken($_SESSION['access_token']);
    $me = $plus->people->get('me');

    $email = $me['emails'][0]['value'];
    $name = $me['displayName'];
    $sqlEmail = "SELECT * FROM users WHERE email='".$email."'";
    $checkEmail = mysqli_query($conn,$sqlEmail);
    if(mysqli_num_rows($checkEmail) >0){

    }
    else{
    $insertStmt = "INSERT INTO users ('email','name','status') VALUES('".$email."','".$name."','user')";
    mysqli_query($conn,$insertStmt);
    }
}
else{
    $authUrl = $client->createAuthUrl();
}  
ob_end_flush();
?>

Please help me..thank you.

Answer 1

Your problem is that you are setting a redirect header but then not following thru.

This section of code is executes:

if(isset($_GET['code'])){
    $client->authenticate($_GET['code']);
    $_SESSION['access_token'] = $client->getAccessToken();
    $redirect = 'http://'.$_server['HTTP_HOST'].'/tool.php';
    header('Location:'.filter_var($redirect,FILTER_SANITIZE_URL));
}

but instead of exiting the PHP after you set the Location header you continue on:

if(isset($_SESSION['access_token']) && $_SESSION['access_token']){
    .....
}

and then finally this code executes:

else{
    $authUrl = $client->createAuthUrl();
}

SOLUTION:

Change to this block of code: notice the addition of exit()

if(isset($_GET['code'])){
    $client->authenticate($_GET['code']);
    $_SESSION['access_token'] = $client->getAccessToken();
    $redirect = 'http://'.$_server['HTTP_HOST'].'/tool.php';
    header('Location:'.filter_var($redirect,FILTER_SANITIZE_URL));
    exit();
}

Suggestion:

If you plan to send HTTP headers to the client, always add ob_start(); at the beginning of your PHP code. This turns on output buffering. This prevents output from being sent before your headers. Follow up with ob_end_flush(); before your code exits.

<?php
ob_start();

Enable error reporting. At the top of your PHP file add (plus my other suggestion):

<?php
// enable output buffering
ob_start();
// Enable error reporting
error_reporting(E_ALL);
ini_set('display_errors', 1);

Also, if you have PHP error logging setup, you will be able to see errors and warning. I will bet there are a few that need to be fixed.