PHP Sessions Help - Noobie :(

[Karpaty]

Hi all,

 

Got a problem with my php Login page - whenever I click on "Login" a blank page appears, whereas it should take me back to the home page and replace "Login" button with the "Logout" button.

 

The code is as follows:

 

Login.php

 

<?php
session_start();
include("db_open.php");
//error_reporting(0); 

if ($_GET["op"] == "login")
{
if (!$_POST["username"] || !$_POST["password"])
  {
  die("You need to provide a username and password.");
  }
  // Create query
$q = "SELECT * FROM `members` "
  ."WHERE `username`='".$_POST["username"]."' "
  ."AND `password`='".$_POST["password"]."' "
  ."LIMIT 1";
// Run query
$r = mysql_query($q);

if ($obj=@mysql_fetch_object($r))
  { // Login good, create session variables
  $_SESSION["valid_id"]=$obj->id;
  $_SESSION["valid_user"]=$obj->username;
  $_SESSION["valid_email"]=$obj->email;
  $_SESSION["valid_time"]=time();
  Header("Location:index.php");
  }
else { // Login not successful
  die("Sorry, could not log you in. Wrong login information.");
  }
}
else { //If all went right the Web form appears and users can log in
echo "<form action=\"?op=login\" method=\"POST\">";
echo "Username: <input name=\"username\" size=\"15\" value=\"Roman\"><br />";
echo "Password: <input type=\"password\" name=\"password\" size=\"8\" value=\"admin\"><br />";
echo "<input type=\"submit\" value=\"Login\">";
echo "</form>";
}
?>

 

 

Index.php - menu part only

 

<?php
error_reporting(0);
session_start();

if (!$_SESSION["valid_user"]){
// if user not logged in, display login link
echo "<li><a href=\"login.php\">Login</a></li>";
}
else {
// if user is logged in, display user information and logout link
echo "<li><a href=\"logout.php\">Logout</a></li>";
echo "<p>User ID: " . $_SESSION["valid_id"];
echo "<p>Username: " . $_SESSION["valid_user"];
echo "<p>Email: " . $_SESSION["valid_email"];
echo "<p>Logged in: " . date("m/d/Y", $_SESSION["valid_time"]);
$id = $_SESSION["valid_id"];
}
?>

 

As said above, when I click on login a blank page appears...

I tested the code at home (am using WAMP SERVER),it works perfectly fine!

Then i tried it in the college, it just wouldnt work as intended (blank page)

 

I believe the session is registering, because when i added the following to the login page, it displays the correct info (see here):

 

  echo "Hello " . $_SESSION["valid_user"] . "<br/>";
  echo "UserID " . $_SESSION["valid_id"] . "<br/>";
  echo "Email " . $_SESSION["valid_email"] . "<br/>";
  echo "Time " . $_SESSION["valid_time"] . "<br/>";

 

Please advice

[Adam]

Do you have display_errors disabled?

[Karpaty]

Do you have display_errors disabled?

No, all I had was error_reporting(0); but I commented it out and still blank page

[mrMarcus]

why would you turn off all error_reporting?

 

replace error_reporting(0) with the following at the top of your scripts (it's best to keep these two lines in an included file so that when you go live, you can easily remove them as you do not want any errors to be displayed to the public):

 

ini_set ('display_errors', 1);
error_reporting (E_ALL);

 

2. remove the @ from this line as you should not be suppressing errors like this, especially in development:

 

if ($obj=@mysql_fetch_object($r))

 

3. add trigger_error () to your queries:

 

$r = mysql_query($q) or trigger_error ('MySQL Error: '. mysql_error());

 

and get back with results/errors.

[Karpaty]

Thanks, here's the error I got:

 

Warning: Cannot modify header information - headers already sent by (output started
at /homepages/37/d309246830/htdocs/test/login.php:1) 
in /homepages/37/d309246830/htdocs/test/secure/login.php on line 28

 

Line 28:

  Header("Location:index.php");

[mrMarcus]

the only thing i can really see right now is the possibility of whitespace before your opening <?php in login.php

 

to me it looks like there might be space there:

 

<whitespace here>???
<?php
session_start();
include("db_open.php");
//error_reporting(0);

 

or it just might be the way it's showing up here, i don't know.  if there is a space there, you must get rid of it as that whitespace is actually considered output to the browser which would throw a header error as there can be no output to the browser before headers are sent.

 

EDIT: here is more on error_reporting from the PHP Manual: Error Reporting

 

there you will see that adding a (0) as the argument for error_reporting actually turns off all reporting.

[Karpaty]

I actually checked for whitespaces (googled that error), and there are non - i also checked the included db_open.php file - looks fine too...

 

Not sure if it helps - i replaced the Header code with javascript code to redirect to the home page - seems to be working, but not in IE - explorer stills returns the same thing ie. blank page

[mrMarcus]

can you post db_open.php here, please.

[PFMaBiSmAd]

output started .. ../login.php:1 (line 1)

If you have no actual characters in the file before the <?php tag, then your file has been saved as a UTF-8 encoded file and the BOM (Byte Order Mark) characters that your editor put at the start of the file is the output. Either save your file as an ANSI/ASCII file or if you must save it as a UTF-8 encoded file, save it without the BOM characters.

[mrMarcus]

output started .. ../login.php:1 (line 1)

If you have no actual characters in the file before the <?php tag, then your file has been saved as a UTF-8 encoded file and the BOM (Byte Order Mark) characters that your editor put at the start of the file is the output. Either save your file as an ANSI/ASCII file or if you must save it as a UTF-8 encoded file, save it without the BOM characters.

 

that's why i figured there was whitespace before the opening tags

output started .. ../login.php:1 (line 1)

 

but i wouldn't have thought of how the file was saved.