[SOLVED] Cannot modify header information

[jeeves245]

Hi guys,

 

I'm having problems with the following error and was hoping for some advice

 

Warning: Cannot modify header information - headers already sent by (output started at /var/www/html/smail/input.php:1) in /var/www/html/smail/password_protect.php on line 139

 

I've a lot of reading on Google and it seems to be something to do with whitespace before the <?php tag.. have removed it but the error still shows.

 

The line in question (139) is:

setcookie("verify", md5($login.'%'.$pass), $timeout, '/');

 

Any ideas?

 

Cheers

 

(MySQL 4.1.18)

 

[trq]

Headers have nothing to do with mysql, please post your question in the appropriate board. In fact, if you look at the top of the PHP Help board there is a sticky covering this very subject (header errors) and what to do to avoid them.

[PFMaBiSmAd]

The line in question (139) is:

 

But the output in question that is causing the error is -

output started at /var/www/html/smail/input.php:1 (line 1).

 

Did you look at that file to see what it is doing that is causing the output?

[jeeves245]

The line in question (139) is:

 

But the output in question that is causing the error is -

output started at /var/www/html/smail/input.php:1 (line 1).

 

Did you look at that file to see what it is doing that is causing the output?

 

The only thing on line 1 of input.php is the <?php tag, which is why i'm a bit confused.

 

thorpe, sorry about putting it in the wrong forum. I thought it was something to do with MySQL. I'll have a read through the headers sticky and see if it helps.

[PFMaBiSmAd]

If there are no characters in the file before the <?php tag, make sure the file is saved as an ANSI/ASCII file.

 

If the file is saved as a Unicode/UTF-8 (or 16) file, the BOM (Byte Order Mark) characters that the editor puts at the start of the file are the content that is preventing the headers from working. If this is the case, save your file as ANSI/ASCII or save it as UTF-8 without the BOM.

[jeeves245]

If there are no characters in the file before the <?php tag, make sure the file is saved as an ANSI/ASCII file.

 

If the file is saved as a Unicode/UTF-8 (or 16) file, the BOM (Byte Order Mark) characters that the editor puts at the start of the file are the content that is preventing the headers from working. If this is the case, save your file as ANSI/ASCII or save it as UTF-8 without the BOM.

 

Yep, the files are definitely saved as ANSI using Notepad++

[p2grace]

Even if <? starts the file, you can't have the opening <html> tag generated before the header() function is called.  Move all php logic involving the header() above the <html> and you shouldn't have any header errors.

[jeeves245]

Even if <? starts the file, you can't have the opening <html> tag generated before the header() function is called.  Move all php logic involving the header() above the <html> and you shouldn't have any header errors.

 

Thanks for the info. Unfortunately i've tried this, and the error is still there (and exactly the same).

[p2grace]

Can you post the script that's having issues?

[jeeves245]

Can you post the script that's having issues?

 

Ok. I've moved the HTML back to the top as it didn't make a difference.

 

<?php include("/var/www/html/smail/password_protect.php"); ?>

<html>
<head>
<title></Title>
</head>

<body>
Basic HTML code
</body>
</html>

<?php
echo '
<form action="process.php" method="post">';
$months = array (1 => 'Select month','January', 'February', 'March', 'April', 'May', 'June','July', 'August', 'September', 'October', 'November', 'December');
$days = range (1, 31);
$years = array (1 => 'Select year','2009','2010','2011','2012','2013','2014','2015',);

//**********************************************

echo "Packing slip number: <br><input type=text name=psnumber /><p>";

echo "<p>Day:<br> <select name='day'>";
foreach ($days as $value) {
echo '<option value="'.$value.'">'.$value.'</option>\n';
} echo '</select><br />';

echo "<p>Month:<br> <select name='month'>";
foreach ($months as $value) {
echo '<option value="'.$value.'">'.$value.'</option>\n';
} echo '</select><br />';


echo "<p>Year:<br> <select name='year'>";
foreach ($years as $value) {
echo '<option value="'.$value.'">'.$value.'</option>\n';
} 
echo '</select><p><input type="submit" /></form>';
?>

[p2grace]

Where's the part where you are setting the cookie (which line is producing the error)?

[jeeves245]

Where's the part where you are setting the cookie (which line is producing the error)?

 

That's a different script, which I got off the internet for password protection. (got it from here: http://www.zubrag.com/scripts/password-protect.php)

 

I don't think the error is anything to do with that script, because the header errors don't appear on any of my other page which also include the password protection script.

 

Either way, here it is:

 

<?php

###############################################################
# Page Password Protect 2.13
###############################################################
# Visit http://www.zubrag.com/scripts/ for updates
############################################################### 
#
# Usage:
# Set usernames / passwords below between SETTINGS START and SETTINGS END.
# Open it in browser with "help" parameter to get the code
# to add to all files being protected. 
#    Example: password_protect.php?help
# Include protection string which it gave you into every file that needs to be protected
#
# Add following HTML code to your page where you want to have logout link
# <a href="http://www.example.com/path/to/protected/page.php?logout=1">Logout</a>
#
###############################################################

/*
-------------------------------------------------------------------
SAMPLE if you only want to request login and password on login form.
Each row represents different user.

$LOGIN_INFORMATION = array(
  'zubrag' => 'root',
  'test' => 'testpass',
  'admin' => 'passwd'
);

--------------------------------------------------------------------
SAMPLE if you only want to request only password on login form.
Note: only passwords are listed

$LOGIN_INFORMATION = array(
  'root',
  'testpass',
  'passwd'
);

--------------------------------------------------------------------
*/

##################################################################
#  SETTINGS START
##################################################################

// Add login/password pairs below, like described above
// NOTE: all rows except last must have comma "," at the end of line
$LOGIN_INFORMATION = array(
  'zubrag' => 'root',
  'admin' => 'adminpass'
);

// request login? true - show login and password boxes, false - password box only
define('USE_USERNAME', true);

// User will be redirected to this page after logout
define('LOGOUT_URL', 'http://www.example.com/');

// time out after NN minutes of inactivity. Set to 0 to not timeout
define('TIMEOUT_MINUTES', 0);

// This parameter is only useful when TIMEOUT_MINUTES is not zero
// true - timeout time from last activity, false - timeout time from login
define('TIMEOUT_CHECK_ACTIVITY', true);

##################################################################
#  SETTINGS END
##################################################################


///////////////////////////////////////////////////////
// do not change code below
///////////////////////////////////////////////////////

// show usage example
if(isset($_GET['help'])) {
  die('Include following code into every page you would like to protect, at the very beginning (first line):<br><?php include("' . str_replace('\\','\\\\',__FILE__) . '"); ?>');
}

// timeout in seconds
$timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60);

// logout?
if(isset($_GET['logout'])) {
  setcookie("verify", '', $timeout, '/'); // clear password;
  header('Location: ' . LOGOUT_URL);
  exit();
}

if(!function_exists('showLoginPasswordProtect')) {

// show login form
function showLoginPasswordProtect($error_msg) {
?>
<html>
<head>
  <title>Please enter password to access this page</title>
  <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
  <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
</head>
<body>
  <style>
    input { border: 1px solid black; }
  </style>
  <div style="width:500px; margin-left:auto; margin-right:auto; text-align:center">
  <form method="post">
    <h3>Please enter password to access this page</h3>
    <font color="red"><?php echo $error_msg; ?></font><br />
<?php if (USE_USERNAME) echo 'Login:<br /><input type="input" name="access_login" /><br />Password:<br />'; ?>
    <input type="password" name="access_password" /><p></p><input type="submit" name="Submit" value="Submit" />
  </form>
  <br />
  <a style="font-size:9px; color: #B0B0B0; font-family: Verdana, Arial;" href="http://www.zubrag.com/scripts/password-protect.php" title="Download Password Protector">Powered by Password Protect</a>
  </div>
</body>
</html>

<?php
  // stop at this point
  die();
}
}

// user provided password
if (isset($_POST['access_password'])) {

  $login = isset($_POST['access_login']) ? $_POST['access_login'] : '';
  $pass = $_POST['access_password'];
  if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION)
  || (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) ) 
  ) {
    showLoginPasswordProtect("Incorrect password.");
  }
  else {
    // set cookie if password was validated
    setcookie("verify", md5($login.'%'.$pass), $timeout, '/');
    
    // Some programs (like Form1 Bilder) check $_POST array to see if parameters passed
    // So need to clear password protector variables
    unset($_POST['access_login']);
    unset($_POST['access_password']);
    unset($_POST['Submit']);
  }

}

else {

  // check if password cookie is set
  if (!isset($_COOKIE['verify'])) {
    showLoginPasswordProtect("");
  }

  // check if cookie is good
  $found = false;
  foreach($LOGIN_INFORMATION as $key=>$val) {
    $lp = (USE_USERNAME ? $key : '') .'%'.$val;
    if ($_COOKIE['verify'] == md5($lp)) {
      $found = true;
      // prolong timeout
      if (TIMEOUT_CHECK_ACTIVITY) {
        setcookie("verify", md5($lp), $timeout, '/');
      }
      break;
    }
  }
  if (!$found) {
    showLoginPasswordProtect("");
  }

}

?>

 

Line 139 is:

 

setcookie("verify", md5($login.'%'.$pass), $timeout, '/');

[p2grace]

You see how the setcookie() is after the <html> tags are already rendered?  All php logic that alters the header must come before the <html> (or anything that is rendered by the browser).

[jeeves245]

You see how the setcookie() is after the <html> tags are already rendered?  All php logic that alters the header must come before the <html> (or anything that is rendered by the browser).

 

Hmm.. when I put it before the HTML, it completely screws up the input.php page. And I don't know enough about PHP to rewrite the password protect script.

 

Might find another script to try out...

[popmotsy]

use ob_start(); at the top of your page....

 

and at the end of page ob_flush();

 

 

[beyzad]

Use a hex-editor to open your script. then you see 3 characters before your <?php...

 

Remove them. and your prob will solve.

[trq]

use ob_start(); at the top of your page....

 

and at the end of page ob_flush();

 

 

 

Thats probably about the worst piece of advice you could give in this situration as it doesn't fix the actual problem.

[PFMaBiSmAd]

Post your current error message. It states where the output is occurring at, that is preventing the headers from working.

 

If the error still states output on line 1 of input.php and the only thing on that line is the <?php tag (what you posted before also has an include() on line one), then you need to find out what is causing that output, up to and including deleting line one and retyping it or making a new file that you know is being saved as ANSI and copy/paste the content of your existing file into it.

 

The HTML in the password-protect.php script is within a function and is not directly relevant to the problem.

[jeeves245]

Use a hex-editor to open your script. then you see 3 characters before your <?php...

 

Remove them. and your prob will solve.

 

Worked perfectly! Thanks!