DEVILofDARKNESS Posted February 25, 2009 Share Posted February 25, 2009 I get this error: Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /www/uuuq.com/4/a/d/4ade/htdocs/gedichten/test/ADD.php:10) in /www/uuuq.com/4/a/d/4ade/htdocs/gedichten/test/ADD.php on line 14 Parse error: syntax error, unexpected '<' in /www/uuuq.com/4/a/d/4ade/htdocs/gedichten/test/login-check.php on line 16 this is the script: <html> <head><title>Gedichten</title> <link href='../../standard.css' type='text/css' rel='stylesheet' /> <link href='natuur.css' type='text/css' rel="stylesheet" /> </head> <body> <table class='look' height='100%' width='100%' border='1'> <tbody> <tr> <td width='10%' height='100%'><iframe class='frames' src='../../functieknoppen/functieknoppennatuur.htm' frameborder='0' width='100%' height='100%' scrolling='no'></iframe> </td> <td><center> <?php session_start(); require_once 'login-check.php'; /* DATABASE SETTINGS */ print "<form action='' method='POST'> Jou Naam: <input type='text' maxlength='35' Name='UName'><br> Gedicht Naam: <input type='text' maxlength='35' Name='PName'><br> Auteur Naam: <input type='text' maxlength='35' Name='Auteur'><br> bundel: <input type='text' maxlength='35' Name='bundel'><br> Jaartal: <input type='text' maxlength='35' Name='jaartal'><br> Poem Text: <textarea COLS='60' ROWS='5' Name='PText'></textarea> <input type='submit' Value='Add!' name='submit'> <input type='reset'> </form>"; $query = sprintf("SELECT COUNT(DISTINCT poem_id) FROM poems"); $result = mysql_query($query); list($id) = mysql_fetch_row($result); $query = sprintf("SELECT COUNT(DISTINCT user_id) FROM users"); $result = mysql_query($query); list($userid) = mysql_fetch_row($result); $query = sprintf("SELECT COUNT(DISTINCT book_id) FROM books"); $result = mysql_query($query); list($bookid) = mysql_fetch_row($result); $query = sprintf("SELECT COUNT(DISTINCT author_id) FROM authors"); $result = mysql_query($query); list($authorid) = mysql_fetch_row($result); if(isset($_POST['submit'])) { $id = $id + 1; $userid = $userid + 1; $bookid = $bookid + 1; $authorid = $authorid + 1; $pname = $_POST['PName']; $uname = $_POST['UName']; $ptext = $_POST['PText']; $auteur = $_POST['Auteur']; $bundel = $_POST['bundel']; $jaartal = $_POST['jaartal']; $ip = $_SERVER['REMOTE_ADDR']; $added = date("d/m/y : H:i:s", time()) ; if(empty($_POST['PName'])) { print "<script type='text/javascript'>alert('Je hebt geen gedichten naam geschreven!');</script>"; } elseif(empty($_POST['UName'])) { print "<script type='text/javascript'>alert('Je hebt je naam niet geschreven!');</script>"; } elseif(empty($_POST['PText'])) { print "<script type='text/javascript'>alert('je hebt geen gedicht geschreven!');</script>"; } elseif(empty($_POST['Auteur'])) { print "<script type='text/javascript'>alert('Je hebt geen Auteur ingevuld, als je het niet weet, schrijf dan Onbekend of UnKnown!');</script>"; } else { $query = sprintf("INSERT INTO poems(poem_id,poem_name,user_id,poem_text,category_id,book_id,poem_added) VALUES ('$id','$pname','$userid','$ptext','7','$bookid','$added')"); $result = mysql_query($query); $query = sprintf("INSERT INTO users(user_id,user_name) VALUES ('$userid','$uname')"); $result = mysql_query($query); $query = sprintf("INSERT INTO books(book_id,book_name,author_id) VALUES ('$bookid','$bundel','$authorid')"); $result = mysql_query($query); $query = sprintf("INSERT INTO authors(author_id,author_name) VALUES ('$authorid','$auteur')"); $result = mysql_query($query); print "<script type='text/javascript'>alert('Je gedicht is toegevoegd aan de 'Test' categorie);</script><a href='test.php'>Zie alle gedichten</a>"; } } ?> </center></td> </tr> </tbody> </table> </body> </html> this is the login-check code: <?php session_start(); /* DATABASE SETTINGS */ $username = $_SESSION['username']; $query = sprintf("SELECT id FROM users WHERE user_name = '$username'", mysql_real_escape_string($_SESSION['username'])); $result = mysql_query($query); list($userID) = mysql_fetch_row($result); if(!$userID) { // not logged in! <script type='text/Javascript'> alert:('Je moet ingelogd zijn om een gedicht te kunnen toevoegen!'); </script> header('Location: login.php'); } ?> and this is the login script: <?php session_start(); if(isset($_POST)) { /*DATABASE SETTINGS */ $username = mysql_real_escape_string($_POST['username']); $password = md5('ssdùµDSFQ£Fµ^µùµùùù%%*¨£+£%£¨45ss68ee46"é435§(§è)' . $_POST['password'] . 'wadzaa'); $query = "SELECT COUNT(user_id) FROM users WHERE user_name = '$username' AND user_pass='$password'"; $result = mysql_query($query) or die("SQL Error: SQL: {$query}<br /> mySql error: " . mysql_error()); list($count) = mysql_fetch_row($result); if($count == 1) { $query = "SELECT user_id FROM users WHERE user_name = '$username' AND user_pass = '$password'"; $result = mysql_query($query); list($id) = mysql_fetch_row($result); $_SESSION['username'] = $_POST['username']; $query = "UPDATE users SET last_login = NOW() WHERE user_name = '$username' AND user_pass = '$password'"; $result = mysql_query($query) or die("SQL Error: SQL: {$query}<br /> mySql error: " . mysql_error()); header('location:gedichten/gedichten.php'); } else { $color = "red"; $echo = 'There is no username/password combination like that in the database.'; } } ?> <html dir="ltr"> <head> <title>Login</title> <link href="../../standard.css" type="text/css" rel="stylesheet" /> <link href='natuur.css' type='text/css' rel="stylesheet" /> </head> <body> <table class="look" height="100%" width="100%" border="1"> <tbody> <tr> <td width="10%" height="100%"><iframe class="frames" src="../../functieknoppen/functieknoppennatuur.htm" frameborder="0" width="100%" height="100%" scrolling="no"></iframe> </td> <td><center> <font color="<?php echo $color; ?>"><?php echo $echo; ?></font><br> <form action="" method="post"> Username: <input type="text" name="username" id="username"><br> Password: <input type="password" name="password"><br> <input type="submit" value="login"> -- <input type="reset" value="reset"> </form> <script type="text/Javascript"> document.getElementById("username").focus(); </script> </td> </tr> </tbody> </table> </body> </html> Link to comment https://forums.phpfreaks.com/topic/146836-login-check-problem/ Share on other sites More sharing options...
trq Posted February 25, 2009 Share Posted February 25, 2009 session_start needs to be called prior to any output to the browser. Link to comment https://forums.phpfreaks.com/topic/146836-login-check-problem/#findComment-770898 Share on other sites More sharing options...
DEVILofDARKNESS Posted February 25, 2009 Author Share Posted February 25, 2009 And what do I need to change? Is it because I already have a session_start() in the login-check.php script? Link to comment https://forums.phpfreaks.com/topic/146836-login-check-problem/#findComment-770917 Share on other sites More sharing options...
revraz Posted February 25, 2009 Share Posted February 25, 2009 In your first script ADD.php, you need to move it to the top. Link to comment https://forums.phpfreaks.com/topic/146836-login-check-problem/#findComment-770975 Share on other sites More sharing options...
DEVILofDARKNESS Posted February 25, 2009 Author Share Posted February 25, 2009 Ok I found the bug, thanks, but now it always redirects me to the login page even if you're logged in. ADD.php code: <?php session_start(); /*DATABASE SETTINGS */ $username = mysql_real_escape_string($_SESSION['username']); $query = "SELECT user_id FROM users WHERE user_name = '$username'"; $result = mysql_query($query); list($userID) = mysql_fetch_row($result); if(!$userID) { // not logged in! header('Location: ../../login.php'); } ?> <html> <head><title>Gedichten</title> <link href='../../standard.css' type='text/css' rel='stylesheet' /> <link href='natuur.css' type='text/css' rel="stylesheet" /> </head> <body> <table class='look' height='100%' width='100%' border='1'> <tbody> <tr> <td width='10%' height='100%'><iframe class='frames' src='../../functieknoppen/functieknoppennatuur.htm' frameborder='0' width='100%' height='100%' scrolling='no'></iframe> </td> <td><center> <?php print "<form action='' method='POST'> Jou Naam: <input type='text' maxlength='35' Name='UName'><br> Gedicht Naam: <input type='text' maxlength='35' Name='PName'><br> Auteur Naam: <input type='text' maxlength='35' Name='Auteur'><br> bundel: <input type='text' maxlength='35' Name='bundel'><br> Jaartal: <input type='text' maxlength='35' Name='jaartal'><br> Poem Text: <textarea COLS='60' ROWS='5' Name='PText'></textarea> <input type='submit' Value='Add!' name='submit'> <input type='reset'> </form>"; $query = sprintf("SELECT COUNT(DISTINCT poem_id) FROM poems"); $result = mysql_query($query); list($id) = mysql_fetch_row($result); $query = sprintf("SELECT COUNT(DISTINCT user_id) FROM users"); $result = mysql_query($query); list($userid) = mysql_fetch_row($result); $query = sprintf("SELECT COUNT(DISTINCT book_id) FROM books"); $result = mysql_query($query); list($bookid) = mysql_fetch_row($result); $query = sprintf("SELECT COUNT(DISTINCT author_id) FROM authors"); $result = mysql_query($query); list($authorid) = mysql_fetch_row($result); if(isset($_POST['submit'])) { $id = $id + 1; $userid = $userid + 1; $bookid = $bookid + 1; $authorid = $authorid + 1; $pname = $_POST['PName']; $uname = $_POST['UName']; $ptext = $_POST['PText']; $auteur = $_POST['Auteur']; $bundel = $_POST['bundel']; $jaartal = $_POST['jaartal']; $ip = $_SERVER['REMOTE_ADDR']; $added = date("d/m/y : H:i:s", time()) ; if(empty($_POST['PName'])) { print "<script type='text/javascript'>alert('Je hebt geen gedichten naam geschreven!');</script>"; } elseif(empty($_POST['UName'])) { print "<script type='text/javascript'>alert('Je hebt je naam niet geschreven!');</script>"; } elseif(empty($_POST['PText'])) { print "<script type='text/javascript'>alert('je hebt geen gedicht geschreven!');</script>"; } elseif(empty($_POST['Auteur'])) { print "<script type='text/javascript'>alert('Je hebt geen Auteur ingevuld, als je het niet weet, schrijf dan Onbekend of UnKnown!');</script>"; } else { $query = sprintf("INSERT INTO poems(poem_id,poem_name,user_id,poem_text,category_id,book_id,poem_added) VALUES ('$id','$pname','$userid','$ptext','7','$bookid','$added')"); $result = mysql_query($query); $query = sprintf("INSERT INTO users(user_id,user_name) VALUES ('$userid','$uname')"); $result = mysql_query($query); $query = sprintf("INSERT INTO books(book_id,book_name,author_id) VALUES ('$bookid','$bundel','$authorid')"); $result = mysql_query($query); $query = sprintf("INSERT INTO authors(author_id,author_name) VALUES ('$authorid','$auteur')"); $result = mysql_query($query); print "<script type='text/javascript'>alert('Je gedicht is toegevoegd aan de 'Test' categorie);</script><a href='test.php'>Zie alle gedichten</a>"; } } ?> </center></td> </tr> </tbody> </table> </body> </html> login code: <?php // session_start(); if(isset($_POST)) { /*DATABASE SETTINGS */ $username = mysql_real_escape_string($_POST['username']); $password = md5('ssdùµDSFQ£Fµ^µùµùùù%%*¨£+£%£¨45ss68ee46"é435§(§è)' . $_POST['password'] . 'wadzaa'); $query = "SELECT COUNT(user_id) FROM users WHERE user_name = '$username' AND user_pass='$password'"; $result = mysql_query($query) or die("SQL Error: SQL: {$query}<br /> mySql error: " . mysql_error()); list($count) = mysql_fetch_row($result); if($count == 1) { $query = "SELECT user_id FROM users WHERE user_name = '$username' AND user_pass = '$password'"; $result = mysql_query($query); list($id) = mysql_fetch_row($result); $_SESSION['username'] = $_POST['username']; $query = "UPDATE users SET last_login = NOW() WHERE user_name = '$username' AND user_pass = '$password'"; $result = mysql_query($query) or die("SQL Error: SQL: {$query}<br /> mySql error: " . mysql_error()); header('location:gedichten/gedichten.php'); } else { $color = "red"; $echo = 'There is no username/password combination like that in the database.'; } } ?> <html dir="ltr"> <head> <title>Login</title> <link href="../../standard.css" type="text/css" rel="stylesheet" /> <link href='natuur.css' type='text/css' rel="stylesheet" /> </head> <body> <table class="look" height="100%" width="100%" border="1"> <tbody> <tr> <td width="10%" height="100%"><iframe class="frames" src="../../functieknoppen/functieknoppennatuur.htm" frameborder="0" width="100%" height="100%" scrolling="no"></iframe> </td> <td><center> <font color="<?php echo $color; ?>"><?php echo $echo; ?></font><br> <form action="" method="post"> Username: <input type="text" name="username" id="username"><br> Password: <input type="password" name="password"><br> <input type="submit" value="login"> -- <input type="reset" value="reset"> </form> <script type="text/Javascript"> document.getElementById("username").focus(); </script> </td> </tr> </tbody> </table> </body> </html> Link to comment https://forums.phpfreaks.com/topic/146836-login-check-problem/#findComment-771185 Share on other sites More sharing options...
DEVILofDARKNESS Posted February 28, 2009 Author Share Posted February 28, 2009 Ok, I found the bug, now there is still one problem, It shows from the beginning that there is no username/password combination, even when there is nothing send yet. What have I done wrong? I already tried the if(isset($count)) but it didn't work. <?php session_start(); if(isset($_POST)) { /* DATABASE SETTINGS */ $username = mysql_real_escape_string($_POST['username']); $password = md5('ssdùµDSFQ£Fµ^µùµùùù%%*¨£+£%£¨45ss68ee46"é435§(§è)' . $_POST['password'] . 'wadzaa'); $query = "SELECT COUNT(user_id) FROM users WHERE user_name = '$username' AND user_pass='$password'"; $result = mysql_query($query) or die("SQL Error: SQL: {$query}<br /> mySql error: " . mysql_error()); list($count) = mysql_fetch_row($result); if(isset($count)) { if($count == 1) { $query = "SELECT user_id FROM users WHERE user_name = '$username' AND user_pass = '$password'"; $result = mysql_query($query); list($id) = mysql_fetch_row($result); $_SESSION['username'] = $_POST['username']; $query = "UPDATE users SET last_login = NOW() WHERE user_name = '$username' AND user_pass = '$password'"; $result = mysql_query($query) or die("SQL Error: SQL: {$query}<br /> mySql error: " . mysql_error()); header('location:gedichten/test/ADD.php'); } else { $color = "red"; $echo = 'There is no username/password combination like that in the database.'; } } } ?> Link to comment https://forums.phpfreaks.com/topic/146836-login-check-problem/#findComment-773164 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.