Hi, I am getting the following errors from a php page: [a href=\"http://mp3scan.net/login1.php\" target=\"_blank\"]http://mp3scan.net/login1.php[/a] Warning: session_start(): Cannot send session cookie - headers already sent by Warning: session_start(): Cannot send session cache limiter - headers already sent The php file calls a "check login" script ,which I've pasted below, I know this is a common problem with whitespace above the session_start call, but I can't see any in my code, Any help would be appreciated, Thanks <?php session_start(); if (!isset($_SESSION['username']) || !isset($_SESSION['password'])) { $logged_in = 0; return; } else { // remember, $_SESSION['password'] will be encrypted. if(!get_magic_quotes_gpc()) { $_SESSION['username'] = addslashes($_SESSION['username']); } // addslashes to session username before using in a query. $pass = $db_object->query("SELECT password FROM users WHERE username = '".$_SESSION['username']."'"); if(DB::isError($pass) || $pass->numRows() != 1) { $logged_in = 0; unset($_SESSION['username']); unset($_SESSION['password']); // kill incorrect session variables. } $db_pass = $pass->fetchRow(); // now we have encrypted pass from DB in //$db_pass['password'], stripslashes() just incase: $db_pass['password'] = stripslashes($db_pass['password']); $_SESSION['password'] = stripslashes($_SESSION['password']); if($_SESSION['password'] == $db_pass['password']) { // valid password for username $logged_in = 1; // they have correct info // in session variables. } else { $logged_in = 0; unset($_SESSION['username']); unset($_SESSION['password']); // kill incorrect session variables. } } // clean up unset($db_pass['password']); $_SESSION['username'] = stripslashes($_SESSION['username']); ?>