shinichi_nguyen Posted January 8, 2010 Share Posted January 8, 2010 I wanted to ask step by step but I'll post all question regarding to this issue in one post. Please help me separately each. Here is the checklogin.php <?php $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; echo $myusername; //for testing purpose; echo $mypassword;// for testing purpose; if (!isset($myusername) || !isset($mypassword)) { echo "Dont go straight to this page please. Use the login form!"; header("location:http://www.mysite.com/login.html"); } //check that the form fields are not empty, and redirect back to the login page if they are elseif (empty($myusername) || empty($mypassword)) { echo "Blank username and password";// for testing purpose header( "location:http://www.mysite.com/login.html" ); } else{ echo "User name and password are entered";// for testing purpose $host="localhost"; // Host name $username="myusername"; // Mysql username $password="mypassword"; // Mysql password $db_name="mydbname"; // Database name $tbl_name="mytablename"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword //$myusername=$_POST['myusername']; //$mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count== 1){ while($row = mysql_fetch_array($result)) { //start the session and register a variable session_start(); session_register('mysession'); //successful login code will go here... echo 'Success!'; //we will redirect the user to another page where we will make sure they're logged in header( "location:http://www.mysite.com/administrative.php" ); } } else { //if nothing is returned by the query, unsuccessful login code goes here... echo 'Incorrect login name or password. Please try again.'; } } ?> 1. During I test the page, when log in success, it post out those message: (I had to alter anything that similar to the real page): bla-usernamebla-passwordUser name and password are entered Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/bla/public_html/checklogin.php:5) in /home/bla/public_html/checklogin.php on line 51 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/bla/public_html/checklogin.php:5) in /home/bla/public_html/checklogin.php on line 51 Success! Warning: Cannot modify header information - headers already sent by (output started at /home/bla/public_html/checklogin.php:5) in /home/bla/public_html/checklogin.php on line 56 2. When I hit submit without entering anything, this one show up: Blank username and password Warning: Cannot modify header information - headers already sent by (output started at /home/bla/public_html/checklogin.php:14) in /home/bla/public_html/checklogin.php on line 15 3. When I type to go straight to the administrative.php page which user supposed to log in successful first and being transferred to, yet this message show up: Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/bla/public_html/administrative.php:2) in /home/bla/public_html/administrative.php on line 3 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/bla/public_html/administrative.php:2) in /home/bla/public_html/administrative.php on line 3 Warning: Cannot modify header information - headers already sent by (output started at /home/bla/public_html/administrative.php:2) in /home/bla/public_html/administrative.php on line 5 Log in successful!! ================== Why it says "log in successful?" and why duplicate warning messages? Can you help me modify the code? Thank you Following is the administrative.php code <? session_start(); if(!session_is_registered('mysession')){ header("location:http://www.mysite.com/login.html"); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Administrative page</title> </head> <body> <h2>Log in successful!!</h2> </body> </html> Quote Link to comment https://forums.phpfreaks.com/topic/187764-question-log-in-process-problem/ Share on other sites More sharing options...
mikesta707 Posted January 8, 2010 Share Posted January 8, 2010 Right before any of your headers/session_starts() you have an echo. This is the problem. You can't send a header if you output something to the page. I realize those echo's are there for testing purposes, but if you want your headers to work, you need to get rid of them. also, session_register() is deprecated. above PHP version 4.2 (i think) you can simply do this $_SESSION['whatever'] = "value"; and it is the exact same. read up on headers for more info Quote Link to comment https://forums.phpfreaks.com/topic/187764-question-log-in-process-problem/#findComment-991333 Share on other sites More sharing options...
shinichi_nguyen Posted January 8, 2010 Author Share Posted January 8, 2010 I'm new to php, and so far as I know of header is a command to re-direct to another page. That's why I use it. I read the head page link in your reply, and still dont understand it. If we cannot put anything before "header" then how would I fix my code? This is my first strike: <?php if (!isset($_POST['myusername']) || !isset($_POST['mypassword']) { header("location:http://www.mysite.com/login.html"); echo "Dont go straight to this page please. Use the login form!"; } //check that the form fields are not empty, and redirect back to the login page if they are elseif (empty($_POST['myusername']) || empty($_POST['mypassword'])) { header( "location:http://www.mysite.com/login.html" ); echo "Blank username and password";// for testing purpose } else{ echo "User name and password are entered";// for testing purpose $host="localhost"; // Host name $username="myusername"; // Mysql username $password="mypass"; // Mysql password $db_name="mydbname"; // Database name $tbl_name="mytablename"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count == 1){ while($row = mysql_fetch_array($result)) { //start the session and register a variable session_start(); $_SESSION['mysession']="mysession"; //successful login code will go here... echo 'Success!'; //we will redirect the user to another page where we will make sure they're logged in header( "location:http://www.mysite.com/administrative.php" ); } } else { //if nothing is returned by the query, unsuccessful login code goes here... echo 'Incorrect login name or password. Please try again.'; } } ?> And it still doesnot work! I put in correct user and password, it says log in sucesss with the warning: Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/bla/public_html/checklogin.php:15) in /home/bla/public_html/checklogin.php on line 46 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/bla/public_html/checklogin.php:15) in /home/bla/public_html/checklogin.php on line 46 Success! Warning: Cannot modify header information - headers already sent by (output started at /home/bla/public_html/checklogin.php:15) in /home/bla/public_html/checklogin.php on line 51 and why 3 warning again? got soemthing to do with the header, i believe, but how can there should be nothing above the header? it is under the if statement...well, it's into the code!! I'm confused! Quote Link to comment https://forums.phpfreaks.com/topic/187764-question-log-in-process-problem/#findComment-991391 Share on other sites More sharing options...
shinichi_nguyen Posted January 9, 2010 Author Share Posted January 9, 2010 Please ignore all the code I post as well as the problem I asked before this message. Cos this time, I don't get any warning or notice (thanks God and thanks to you guys too). I think I'm about to get it work but still something missing here. Please revise my code and let me know how to fix the problem number: 1. Why either I enter anything into login form or enter nothing or go straight to the administrative.php page (where registered user can do something else after log in successful), it takes me back to the login.html. 2. It is so cold. It does not say anything to user to let him/her know if no info is inputted or wrong username or password or "you have to log in to get to this page" message. I dont know how to add those messages in without causing the header is already sent problem or any other problem. Conclusion: basically, i dont know if it works or not! Whatever I do, it bring me back to the login form! please revise my code! Thank you Here is the code of 2 files: checklogin.php and administrative.php. Checklogin.php <?php if (!isset($_POST['myusername']) || !isset($_POST['mypassword'])) { header("location:http://www.mysite.com/login.html"); } //check that the form fields are not empty, and redirect back to the login page if they are elseif (empty($_POST['myusername']) || empty($_POST['mypassword'])) { header( "location:http://www.mysite.com/login.html" ); } else{ $host="localhost"; // Host name $username="mysqlusername"; // Mysql username $password="mypassword"; // Mysql password $db_name="mydbname"; // Database name $tbl_name="mytablename"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count == 1){ while($row = mysql_fetch_array($result)) { //start the session and register a variable session_start(); $_SESSION['mysession']="mysession"; //successful login code will go here... //we will redirect the user to another page where we will make sure they're logged in header( "location:http://www.mysite.com/administrative.php" ); echo 'Success!'; } } else { //if nothing is returned by the query, unsuccessful login code goes here... header( "location:http://www.mysite.com/login.html" ); echo 'Incorrect login name or password. Please try again.'; } } ?> administrative.php <? if($_SESSION['mysession']<>'mysession'){ header("location:http://www.mysite.com/login.html"); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Administrative page</title> </head> <body> <h2>Log in successful!!</h2> </body> </html> Quote Link to comment https://forums.phpfreaks.com/topic/187764-question-log-in-process-problem/#findComment-991449 Share on other sites More sharing options...
shinichi_nguyen Posted January 13, 2010 Author Share Posted January 13, 2010 Please help. Quote Link to comment https://forums.phpfreaks.com/topic/187764-question-log-in-process-problem/#findComment-994368 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.