newbtophp Posted October 10, 2009 Share Posted October 10, 2009 Errors: Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent If i remove it from the if statements it works fine :-\ My code: <?php if (isset($_FILES['file'])) { $file = file_get_contents($_FILES['file']['tmp_name']); $submit = $_POST['submit']; if($file == "") echo "No file selected"; else { if($submit == "Decode") { if (preg_match('/lock/', $file)) { error_reporting (E_ERROR | E_WARNING | E_PARSE); session_start(); set_magic_quotes_runtime(0); if (function_exists('get_magic_quotes_gpc')) { $magic_quotes_gpc = get_magic_quotes_gpc(); } else { $magic_quotes_gpc = ini_get('magic_quotes_gpc'); } $register_globals = @ini_get('register_globals'); if(PHP_VERSION < '4.1.0') { $_GET = &$HTTP_GET_VARS; $_POST = &$HTTP_POST_VARS; $_COOKIE = &$HTTP_COOKIE_VARS; $_SERVER = &$HTTP_SERVER_VARS; $_ENV = &$HTTP_ENV_VARS; $_FILES = &$HTTP_POST_FILES; } if(!$register_globals || !$magic_quotes_gpc) { @extract($_POST, EXTR_OVERWRITE); @extract($_GET, EXTR_OVERWRITE); if(!$register_globals && is_array($_FILES) && count($_FILES)) { foreach($_FILES as $key => $val) { $$key = $val['tmp_name']; ${$key.'_name'} = $val['name']; ${$key.'_size'} = $val['size']; ${$key.'_type'} = $val['type']; } } } if (!$magic_quotes_gpc) { foreach($_POST as $key => $val) { $_POST[$key]=saddslashes($val); } foreach($_GET as $key => $val) { $_GET[$key]=saddslashes($val); } } function saddslashes($string) { if (is_array($string) && count($string)) { foreach ($string as $key => $val) { $string[$key] = saddslashes($val, $force); } } else { $string = addslashes($string); } return $string; } } } } } ?> Quote Link to comment https://forums.phpfreaks.com/topic/177215-solved-warning-session_start-functionsession-start/ Share on other sites More sharing options...
.josh Posted October 10, 2009 Share Posted October 10, 2009 http://www.phpfreaks.com/forums/index.php/topic,37442.0.html Quote Link to comment https://forums.phpfreaks.com/topic/177215-solved-warning-session_start-functionsession-start/#findComment-934425 Share on other sites More sharing options...
cags Posted October 10, 2009 Share Posted October 10, 2009 This seems to be one of the most common things posted here on the forums and I just don't get why. You cannot call any function that modifiers headers after any call or echo, print or any other funtion that outputs information. In this case it is session_start (as the error message tells you), move it to the top of the script. EDIT: And check the link Crayon Violent posted. I couldn't be bothered to find the link. Quote Link to comment https://forums.phpfreaks.com/topic/177215-solved-warning-session_start-functionsession-start/#findComment-934429 Share on other sites More sharing options...
newbtophp Posted October 10, 2009 Author Share Posted October 10, 2009 I moved the session_start() to the top and I got: Warning: copy(<?php ...... in /home/forums/public_html/index.php on line 120 lock.php file upload failed! This is the part where the error apears: $_SESSION['session_key']=md5(microtime() * 1000000); $SessionKeyRoot=LOCKED_ROOT.$_SESSION['session_key']; if (!file_exists($SessionKeyRoot)) { mkdir($SessionKeyRoot, 0777); } $lock_copy=copy($file,$SessionKeyRoot.'/lock.dat'); //LINE 120 :-\ if (!$lock_copy) { echo "lock.php file upload failed!"; exit; } This is the whole file (which gives the errors): <?php define('CRACK_ROOT',dirname(__FILE__ ? __FILE__ : getenv('SCRIPT_FILENAME'))); define('LOCKED_ROOT','/home/forums/files/'); define('CRACK_FILE','/home/forums/public_html/lock/crack.php'); error_reporting (E_ERROR | E_WARNING | E_PARSE); //I moved this chunk to the top to avoid the session and headers error session_start(); set_magic_quotes_runtime(0); if (function_exists('get_magic_quotes_gpc')) { $magic_quotes_gpc = get_magic_quotes_gpc(); } else { $magic_quotes_gpc = ini_get('magic_quotes_gpc'); } $register_globals = @ini_get('register_globals'); if(PHP_VERSION < '4.1.0') { $_GET = &$HTTP_GET_VARS; $_POST = &$HTTP_POST_VARS; $_COOKIE = &$HTTP_COOKIE_VARS; $_SERVER = &$HTTP_SERVER_VARS; $_ENV = &$HTTP_ENV_VARS; $_FILES = &$HTTP_POST_FILES; } if(!$register_globals || !$magic_quotes_gpc) { @extract($_POST, EXTR_OVERWRITE); @extract($_GET, EXTR_OVERWRITE); if(!$register_globals && is_array($_FILES) && count($_FILES)) { foreach($_FILES as $key => $val) { $$key = $val['tmp_name']; ${$key.'_name'} = $val['name']; ${$key.'_size'} = $val['size']; ${$key.'_type'} = $val['type']; } } } if (!$magic_quotes_gpc) { foreach($_POST as $key => $val) { $_POST[$key]=saddslashes($val); } foreach($_GET as $key => $val) { $_GET[$key]=saddslashes($val); } } function saddslashes($string) { if (is_array($string) && count($string)) { foreach ($string as $key => $val) { $string[$key] = saddslashes($val, $force); } } else { $string = addslashes($string); } return $string; } ?> <title>Welcome</title> <form action="<?=$_SERVER["PHP_SELF"]?>" method="post" enctype="multipart/form-data" > <input name="file" type="file" value="Upload"/> <input type="submit" name="submit" value="Submit" /> </form> <?php if (isset($_FILES['file'])) { $file = file_get_contents($_FILES['file']['tmp_name']); $submit = $_POST['submit']; if($file == "") echo "No file selected"; else { if($submit == "Submit") { //basic validation to check if its the right file i want if (preg_match('/lock/', $file)) { /* empty the session */ $_SESSION['key']=''; $_SESSION['next']=false; $_SESSION['zlib']=false; $_SESSION['session_key']=''; if ($file_size >=1024*1024) {// 1mb echo "files more than 1mb!"; exit; } else if (strtolower($file_name)!="lock.php") { echo "<center>The uploaded file is not lock.php!"; exit; } else { $_SESSION['session_key']=md5(microtime() * 1000000); $SessionKeyRoot=LOCKED_ROOT.$_SESSION['session_key']; if (!file_exists($SessionKeyRoot)) { mkdir($SessionKeyRoot, 0777); } $lock_copy=copy($file,$SessionKeyRoot.'/lock.dat'); if (!$lock_copy) { echo "lock.php file upload failed!"; exit; } unlink($file); $_SESSION['next'] = true; /* access key */ ob_start(); $lock_file=CRACK_FILE; include_once $SessionKeyRoot.'/lock.dat'; $lock_lock_de=base64_decode($lock_lock); if (@ gzinflate($lock_lock_de)) { $lock_lock_de=gzinflate($lock_lock_de); while (1) { $lock_lock_de=str_replace("eval","\$lock_lock_de=",$lock_lock_de); eval($lock_lock_de); if (strtolower(substr($lock_lock_de,0,4))!="eval") break; } } @preg_match_all("/lock_unlock=\"(.*?)\"/i",$lock_lock_de,$PassOut); $_SESSION['key']=$PassOut[1][0]; ob_end_clean(); if ($lock_usezlib == "^") $_SESSION['zlib']=true; } echo "<center><div>lock.php uploaded successfully!</div><a href=\"lock/next.php\">click here to proceed</a>"; } } } } ?> My original file works perfectly (no errors) which is: <?php define('CRACK_ROOT',dirname(__FILE__ ? __FILE__ : getenv('SCRIPT_FILENAME'))); define('LOCKED_ROOT','/home/forums/files/'); define('CRACK_FILE','/home/forums/public_html/lock/crack.php'); error_reporting (E_ERROR | E_WARNING | E_PARSE); session_start(); set_magic_quotes_runtime(0); if (function_exists('get_magic_quotes_gpc')) { $magic_quotes_gpc = get_magic_quotes_gpc(); } else { $magic_quotes_gpc = ini_get('magic_quotes_gpc'); } $register_globals = @ini_get('register_globals'); if(PHP_VERSION < '4.1.0') { $_GET = &$HTTP_GET_VARS; $_POST = &$HTTP_POST_VARS; $_COOKIE = &$HTTP_COOKIE_VARS; $_SERVER = &$HTTP_SERVER_VARS; $_ENV = &$HTTP_ENV_VARS; $_FILES = &$HTTP_POST_FILES; } if(!$register_globals || !$magic_quotes_gpc) { @extract($_POST, EXTR_OVERWRITE); @extract($_GET, EXTR_OVERWRITE); if(!$register_globals && is_array($_FILES) && count($_FILES)) { foreach($_FILES as $key => $val) { $$key = $val['tmp_name']; ${$key.'_name'} = $val['name']; ${$key.'_size'} = $val['size']; ${$key.'_type'} = $val['type']; } } } if (!$magic_quotes_gpc) { foreach($_POST as $key => $val) { $_POST[$key]=saddslashes($val); } foreach($_GET as $key => $val) { $_GET[$key]=saddslashes($val); } } function saddslashes($string) { if (is_array($string) && count($string)) { foreach ($string as $key => $val) { $string[$key] = saddslashes($val, $force); } } else { $string = addslashes($string); } return $string; } if ($submit=='Submit') { /* empty the session */ $_SESSION['key']=''; $_SESSION['next']=false; $_SESSION['zlib']=false; $_SESSION['session_key']=''; if ($file_size >=1024*1024) {// 1mb echo "files more than 1mb!"; exit; } else if (strtolower($file_name)!="lock.php") { echo "<center>The uploaded file is not lock.php!"; exit; } else { $_SESSION['session_key']=md5(microtime() * 1000000); $SessionKeyRoot=LOCKED_ROOT.$_SESSION['session_key']; if (!file_exists($SessionKeyRoot)) { mkdir($SessionKeyRoot, 0777); } $lock_copy=copy($file,$SessionKeyRoot.'/lock.dat'); if (!$lock_copy) { echo "lock.php file upload failed!"; exit; } unlink($file); $_SESSION['next'] = true; /* access key */ ob_start(); $lock_file=CRACK_FILE; include_once $SessionKeyRoot.'/lock.dat'; $lock_lock_de=base64_decode($lock_lock); if (@ gzinflate($lock_lock_de)) { $lock_lock_de=gzinflate($lock_lock_de); while (1) { $lock_lock_de=str_replace("eval","\$lock_lock_de=",$lock_lock_de); eval($lock_lock_de); if (strtolower(substr($lock_lock_de,0,4))!="eval") break; } } @preg_match_all("/lock_unlock=\"(.*?)\"/i",$lock_lock_de,$PassOut); $_SESSION['key']=$PassOut[1][0]; ob_end_clean(); if ($lock_usezlib == "^") $_SESSION['zlib']=true; } echo "<center><div>lock.php uploaded successfully!</div><a href=\"".dirname($_server["php_self"])."next.php\">click here to proceed to the next step</a>"; exit; } ?> <script language="javascript" type="text/javascript"> function checkform(form) ( var lock_file = form.file.value; if (lock_file =="") ( alert ( "Please upload the lock.php file!"); return false; } else { var lock_file_arr=lock_file.replace(/\\/gi,"/"); lock_file_arr=lock_file_arr.split("/"); var lock_file_name=lock_file_arr[lock_file_arr.length-1].tolowercase(); if (lock_file_name!="lock.php"){ alert ("Your uploaded file is not lock.php!"); return false; } } } </script> <form method="post" enctype="multipart/form-data" action="<?=$_SERVER["PHP_SELF"]?>" onSubmit="return CheckForm(this);"> Please upload lock.php<BR> <input type="file" name="file" /> <input type="submit" name="submit" value="Submit"/> </form> Anyone can help please? :-\ :-\ Quote Link to comment https://forums.phpfreaks.com/topic/177215-solved-warning-session_start-functionsession-start/#findComment-934438 Share on other sites More sharing options...
newbtophp Posted October 10, 2009 Author Share Posted October 10, 2009 All help is greatly apreciated lol Quote Link to comment https://forums.phpfreaks.com/topic/177215-solved-warning-session_start-functionsession-start/#findComment-934475 Share on other sites More sharing options...
PFMaBiSmAd Posted October 10, 2009 Share Posted October 10, 2009 The actual error message tells you where the output is occurring at that is preventing the session_start() from working. Find what is causing that output first. Quote Link to comment https://forums.phpfreaks.com/topic/177215-solved-warning-session_start-functionsession-start/#findComment-934482 Share on other sites More sharing options...
newbtophp Posted October 10, 2009 Author Share Posted October 10, 2009 I tried which is why i moved the code which contained: session_start() to the header. But then another error apeared "Warning copy..." edit: im not sure why because the original file works great. Quote Link to comment https://forums.phpfreaks.com/topic/177215-solved-warning-session_start-functionsession-start/#findComment-934540 Share on other sites More sharing options...
PFMaBiSmAd Posted October 10, 2009 Share Posted October 10, 2009 The entire message STATES why the copy() failed. Of the 3-4 possible reasons, how would be know which one (the solution is different for each possible reason) unless you provide the relavant information from the error message. Quote Link to comment https://forums.phpfreaks.com/topic/177215-solved-warning-session_start-functionsession-start/#findComment-934542 Share on other sites More sharing options...
cags Posted October 10, 2009 Share Posted October 10, 2009 Judging by the error message my best guess is you don't have permission to either copy the original file or write to the directory. Quote Link to comment https://forums.phpfreaks.com/topic/177215-solved-warning-session_start-functionsession-start/#findComment-934543 Share on other sites More sharing options...
newbtophp Posted October 10, 2009 Author Share Posted October 10, 2009 *Slaps self" Im sooo stupid!!!!!!!!!! Solved. Thanks Cags, Crayon Violent and PFMaBiSmAd! Quote Link to comment https://forums.phpfreaks.com/topic/177215-solved-warning-session_start-functionsession-start/#findComment-934561 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.