Warning: session_start(): Cannot send session cookie

[AdRock]

Can anyone please tell me why I'm getting these errors?

I have modifed the [b]Creating a Membership System with PHP and MySQL[/b] tutorial so it does form validation and checking the database on the same form.

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/adrock/public_html/jack/index.php:8) in /home/adrock/public_html/jack/login.php on line 3

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/adrock/public_html/jack/index.php:8) in /home/adrock/public_html/jack/login.php on line 3

here is the code:
[code]<?
/* Check User Script */
session_start();  // Start Session

// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";

// You do not need to edit below this line

$username = stripslashes($_POST['username']);
$password = stripslashes($_POST['password']);

if (!isset($_POST['username'])) {

?>
<h2>Login</h2>

<form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <p class="style3"><label for="username">Username:</label>
    <input type="text" title="Please enter your username" name="username" size="30"/></p>

    <p class="style3"><label for="password">Password:</label>
    <input type="text" title="Enter your password" name="password" size="30"/></p>

    <p class="style3"><label title="Login">
    <input type="submit" value="login" class="submit-button"/></label></p>
</form>

<?php
}

elseif (empty($username) || empty($password)) {

    echo $empty_fields_message;

}

else {

    // Stop the form being used from an external URL
    // Get the referring URL
    $referer = $_SERVER['HTTP_REFERER'];
    // Get the URL of this page
    $this_url = "http://".$_SERVER['HTTP_HOST'].$_SERVER["REQUEST_URI"];
    // If the referring URL and the URL of this page don't match then
    // display a message and don't send the email.
    if ($referer != $this_url) {
        echo "You do not have permission to use this script from another URL.";
        exit;
    }

include("includes/connection.php");
// Convert password to md5 hash
$password = md5($password);

// check if the user info validates the db
$sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' AND activated='1'");
$login_check = mysql_num_rows($sql);

if($login_check > 0){
    while($row = mysql_fetch_array($sql)){
    foreach( $row AS $key => $val ){
        $$key = stripslashes( $val );
    }
        // Register some session variables!
        session_register('first_name');
        $_SESSION['first_name'] = $first_name;
        session_register('last_name');
        $_SESSION['last_name'] = $last_name;
        session_register('email_address');
        $_SESSION['email_address'] = $email_address;
        session_register('special_user');
        $_SESSION['user_level'] = $user_level;
       
        mysql_query("UPDATE users SET last_login=now() WHERE userid='$userid'");         
        header("Location: index.php?page=login_success");
    }
} else {
    echo "You could not be logged in! Either the username and password do not match or you have not validated your membership!<br />
    Please try again!<br />";
    include 'login_form.html';
  }   
}
?>[/code]

[leeming]

is this file include(), from another page? not 2 sure if you can have session_start() after output

[phporcaffeine]

session_start(); must be used before ANYTHING is sent to the browser, even white space (blank lines) can through it off.

In the case of includes and requires, be careful that you haven't streamed before you include/require

[king arthur]

If you take a look just above where this thread is, you'll see a sticky thread entitled "HEADER ERRORS - READ HERE BEFORE POSTING THEM". It's easy to miss it I guess.....

[onlyican]

ALL functions which send HTML headers (header(), session_start(), ob_start()....)
Must be before <html>, before the doctype

phpORcaffine: Sort out your footer

[phporcaffeine]

I had not edited my profile since the layout change, I just forgot about my tag

- la8erz

[quote author=onlyican link=topic=103095.msg410262#msg410262 date=1154795514]
ALL functions which send HTML headers (header(), session_start(), ob_start()....)
Must be before <html>, before the doctype

phpORcaffine: Sort out your footer
[/quote]

[AdRock]

The file i have that I have the problem with is called login.php and i call it using [b]index.php?page=login[/b]

Is this going to cause a problem?  Do i have to put the session start in the index page?  Or do I have to put <html> tags in this file?

Thanks for your all help

[phporcaffeine]

[quote author=AdRock link=topic=103095.msg410304#msg410304 date=1154801799]
The file i have that I have the problem with is called login.php and i call it using [b]index.php?page=login[/b]

Is this going to cause a problem?  Do i have to put the session start in the index page?  Or do I have to put <html> tags in this file?

Thanks for your all help
[/quote]

Regardless, the error you get means that SOMETHING (html, javascript, white space .. etc) is streaming before session_start().

Do you have any frames or iframes in either of the 2 pages (index or login)?

[onlyican]

if you are calling login.php through index, (include("login.php"))
Then the session_start(); needs to be at the top of index.php

Do you know
Search engines hate links like index.php?page=login

If you have the page built, just link to login.php

[redarrow]

search engines dont like php .

the best way around it is to have a index.html for better proformance for high ranking ok.

[onlyican]

search engines like php
I always find php pages on google

They dont like Dynamic links
You can mod-rewrite php to htm if you want tho