trying to register a session

[Jeffrey87]

Hi,

I'm having a problem registering a session.

 

In the code below I establish the connection, print the contents of the database and process the incoming information from a login form.

 

Then it is supposed to go to the login_success.php page.

 

It never makes it. Here's the code:

 

<?php  

ini_set('display_errors', 1);
error_reporting(E_ALL ^ E_NOTICE);

$hostname='jwebster429.db.xxxxxxx.hostedresource.com';
$username='jwebster429';
$password='xxxxxxxxxx';
$dbname='jwebster429'; 

$connection=mysql_connect($hostname, $username, $password) or die(mysql_error());
echo "Connected to MySQL<br />";

mysql_select_db($dbname) or die(mysql_error());
echo "Connected to Database <br />";



$result = mysql_query("SELECT * FROM members")
or die(mysql_error()); 
  
echo "Made it through Select From";
echo "<br />";
echo "Printing contents of array";
echo "<br />";
while($row = mysql_fetch_array($result))
  {
  echo $row['id'] . " " . $row['username'] . "  " . $row['password'] . "<br />" ;
  echo "<br />";
  }
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
echo "<br />";
echo $myusername;
echo "<br />";
echo $mypassword;
echo "<br />";

$sql="SELECT * FROM members WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);


$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1)
{
   // Register $myusername, $mypassword and redirect to file "login_success.php"
   header("location:login_success.php");
   session_register("myusername");
   session_register("mypassword");
}
else {
echo "Wrong Username or Password";
}

ob_end_flush();



?> 

 

It makes it through all of the initial tests, that is it is definitely connecting to the database and the existing members are listed properly. However it doesn't want to register the session.

 

Here's what it is telling me

 

Warning: Cannot modify header information - headers already sent by (output started at /home/content/m/a/g/maggie432/html/message_board/checkLogin.php:5) in /home/content/m/a/g/maggie432/html/message_board/checkLogin.php on line 60

 

I don't understand this error message. Yes, I've googled this, but the explanations don't make sense to me.

 

Here's what php.net has to say about this:

Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP.

 

 

Is it saying that somehow something has been prematurely sent to login_success.php. To my knowledge nothing is being sent... or is it?

 

I admit cookies and sessions are pretty confusing to me.

 

Any help would be appreciated;-)

[Ken2k7]

Hello Jeffrey87,

This is in the wrong section. It's not a MySQL issue.

 

The issue is pretty apparent from the error messages you get. You can't use header after you output text onto the screen. Look at your echos before the header line. Those outputs before the header is the cause.

 

Ken

[Jeffrey87]

Hi Ken,

Well, I toyed with putting it in the general PHP section but figured it had too much mySql code in it.

 

If someone seconds the opinion that it is in the wrong section I'll move it.

 

Thanks,

Jeff

[Ken2k7]

Jeffrey87,

Don't worry about it. Let the mods take care of it. As long as your issue is resolved, no one cares.

 

Ken

[DavidAM]

It looks like some of those echos are for debugging, but I see a couple of other problems with the code:

 

1) Make sure the openning tag (<?php) starts at the very first character of the very first line.  You can NOT have any whitespace before it because that whitespace will be sent to the browser.

2) Set your session variables before calling the header() function.  Code after the header() function (with a location) is probably not going to execute.  That being said, always put an exit() after the header() call (with a location) so that the code after it will definitely NOT execute.

3) session_register() is depricated.  You should use $_SESSION['variableName'] instead.

 

[mikesta707]

as pointed out, you can't use headers if there has been output. You need to not output anything if you wish to use a header. You could also use a javascript or html redirect if you absolute must have output.

 

BTW. using session_register() is deprecated. You also don't have session_start() at the beginning of your page )which you need to use sessions)

 

session_register() has been replaced by doing something like this

$_SESSION['session_name'] = "session value";

 

that pretty much registers the session for you, and also assigns it a value.

 

as a side note, you seem to want to use output buffering (which is another work around to the header problem) if you do you also need ob_start() at the beginning of the page

[PFMaBiSmAd]

output started at /home/content/m/a/g/maggie432/html/message_board/checkLogin.php:5 (line 5)

If the posted code is checkLogin.php, then you have about 5 new-lines and what looks like a space before the first opening <?php tag. Remove all the crap before the <?php tag.

[DavidAM]

 

4) you never called session_start()

 

I don't know how I missed that ... not my fault though ... I don't make mistakes ... I thought I did once, but I was wrong ...

 

 

[Jeffrey87]

Hi,

Thanks for the suggestions. I've attempted to incorporate all of them but I just can't seem to get this thing to work. I think I'll try working from a different code sample, maybe something simpler, i.e. without the conditionals and database aspects.

 

Here's one of the latest iterations I've tried:

<?php  

ini_set('display_errors', 1);
error_reporting(E_ALL ^ E_NOTICE);

$hostname='jwebster429.db.xxxxxx.hostedresource.com';
$username='jwebster429';
$password='xxxxxxxxxxx';
$dbname='jwebster429'; 

$connection=mysql_connect($hostname, $username, $password) or die(mysql_error());

mysql_select_db($dbname) or die(mysql_error());

$result = mysql_query("SELECT * FROM members")
or die(mysql_error()); 


$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);


$sql="SELECT * FROM members WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);


$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1)
{

   // Register $myusername, $mypassword and redirect to file "login_success.php"
   $_SESSION['username'];
   $_SESSION['password'];
   session_start();
   header("location: http://www.nancepaglia.com/login_success.php");
   
}
else 
{
echo "Wrong Username or Password";
}

ob_end_flush();

?> 

 

 

I've tried moving around the session_start() statement to before and after the $_SESSION statements. Same error.

 

All spaces have been removed before either of the files (checkLogin.php and login_success.php). Same error occurs whether spaces exist or not.

 

I've tried replacing the header(location: ...) to both absolute and relative URLs and, again, same error.

 

Obviously there is something basic I'm just not getting.....

 

 

[PFMaBiSmAd]

Same error.

 

It is unlikely that the the error is exactly the same. Even if the line numbers changed, that is significant and would tell someone where and what the problem is and that would lead to a solution.

 

Post the exact error message you are getting with the code posted above.

[Jeffrey87]

I'm wrestling with odd server behavior as well, which seems to be a problem when dealing with Godaddy. With respect to your comment about being "exactly" the same. Yes the line numbers may shift but it is only because the offending lines have shifted around. The lines which generate the errors are $_SESSION statements.

 

Right now I have some arbitrary values assigned to the $_SESSION

 

A separate but equal problem is that the server doesn't seem to be going into either of the

[Jeffrey87]

[APP -accidental premature post :'(]

 

The separate but equal problem is the failure of the header statement to properly call the specified page so long as it comes after the $_SESSION statements. If it comes before them then the specified page does come up.

 

 

Which is what I'm using in the examples below:

 

if($count==1)
{
	 header("Location: http://google.com"); 

session_start();
$_SESSION['username']="An invader";
$_SESSION['password']="Geese";
   
}

 

pulls up the Google page

 

if($count==1)
{

session_start();
$_SESSION['username']="An invader";
$_SESSION['password']="Geese";
   header("Location: http://google.com"); 
  
}

 

Does not pull up the Google page.

 

I should mention that the errors I mentioned at the beginning do not usually appear if the $_SESSION variables are assigned values. In these examples I've used arbitrary values ("An invader" and "Geese") and I have not seen errors of that kind.

 

For now.

 

 

[PFMaBiSmAd]

The errors are generated at the header/session_start statement, but they are caused by the output that is being sent that then prevents the header/session_start from working. Until you find and eliminate the output that is being sent, you are doomed. If you cannot determine what is causing the output and you expect someone else to help, you need to post the error message and the corresponding code.