markspec87 Posted September 5, 2006 Share Posted September 5, 2006 Got a couple of questions i need help with.Firstly i have a signup and login script. Signup works but when people login it says[quote]Warning: Cannot modify header information - headers already sent by (output started at /home/terraarm/public_html/includes/login.php:3) in /home/terraarm/public_html/includes/login.php on line 29[/quote]Ive eliminated al lthe white space and stuff from the file but it still throws this errorFIle contents:[quote]<?phpecho "<html>";echo "<head>";echo "<title>Login</title>";echo "</head>";echo "<body>";$server = "REMOVED"; // db host$db_user = "REMOVED"; // db username$db_pass = "REMOVED"; // db password$database = "REMOVED"; // db name// connect to the mysql server$link = mysql_connect($server, $db_user, $db_pass)or die ("Could not connect to mysql because ".mysql_error());// select the databasemysql_select_db($database)or die ("Could not select database because ".mysql_error());$match = "select id from member where username = '".$_POST['username']."'and password = '".$_POST['password']."';"; $qry = mysql_query($match)or die ("Could not match data because ".mysql_error());$num_rows = mysql_num_rows($qry); if ($num_rows <= 0) { echo "Sorry, there is no username $username with the specified password.<br>";echo "<a href=login.php>Try again</a>";exit; } else {setcookie("loggedin", "TRUE", time()+(3600 * 24));setcookie("mysite_username", "$username");echo "You are now logged in!<br>"; echo "Continue to the <a href=index.php>members</a> section.";}echo "</body>";echo "</html>";?>[/quote]Any ideas?question 2: using that script above how could i check a user is logged in and what rights? (i.e if they have access level 2, they can see the admin panel)thanks Quote Link to comment https://forums.phpfreaks.com/topic/19779-cannot-modify-header-error-how-to-detect-login-rights/ Share on other sites More sharing options...
wildteen88 Posted September 5, 2006 Share Posted September 5, 2006 Try this:[code]<?php$header = <<<HTML<html><head><title>Login</title></head><body>HTML;$server = "REMOVED"; // db host$db_user = "REMOVED"; // db username$db_pass = "REMOVED"; // db password$database = "REMOVED"; // db name// connect to the mysql server$link = mysql_connect($server, $db_user, $db_pass) or die ("Could not connect to mysql because ".mysql_error());// select the databasemysql_select_db($database) or die ("Could not select database because ".mysql_error());$match = "select id from member where username = '".$_POST['username']."' and password = '".$_POST['password']."';";$qry = mysql_query($match)or die ("Could not match data because ".mysql_error());$num_rows = mysql_num_rows($qry);if ($num_rows <= 0){ echo $header; echo "Sorry, there is no username $username with the specified password.<br />"; echo "<a href=login.php>Try again</a>"; exit;}else{ setcookie("loggedin", "TRUE", time()+(3600 * 24)); setcookie("mysite_username", "$username"); echo $header; echo "You are now logged in!<br />"; echo "Continue to the <a href=\"index.php\">members</a> section.";}echo "</body>";echo "</html>";?>[/code]Notice I put the html into a variable and echo'd it later on. This is because you cannot use header or setcookie after any output is sent to the browser. So if theres any html/text that needs outputting it'll have to be done after you use header/setcookie or anyother header function.Ideally what you should do is do all the processing first and then output the result from the processing, rather output > process a bit > output something else > process something else etc Quote Link to comment https://forums.phpfreaks.com/topic/19779-cannot-modify-header-error-how-to-detect-login-rights/#findComment-86474 Share on other sites More sharing options...
ober Posted September 5, 2006 Share Posted September 5, 2006 You cannot use an echo before you use setcookie() or ANYTHING that might send output to the file that you are transmitting to the user.You would have to use another cookie to set the user's level, but be aware that this should be encoded somehow. They could potentially hack the cookie and change the value to allow themselves into your forums. It's best to just check the user's level from the database each time.EDIT: beaten to it. Quote Link to comment https://forums.phpfreaks.com/topic/19779-cannot-modify-header-error-how-to-detect-login-rights/#findComment-86475 Share on other sites More sharing options...
markspec87 Posted September 5, 2006 Author Share Posted September 5, 2006 Thanks for that revised code, works a treat.Now my second Question :)Now the use ris logged in using that, how could i A) say "welcome *username here"B) Allow viewing of some webpages based on thier accesslevel.I.e if the database column level = 2 for the logge din user, they can view the pages contents.Sorry about the beginner questions but im just getting ym head around more advanced php. Ive never used cookies before. Quote Link to comment https://forums.phpfreaks.com/topic/19779-cannot-modify-header-error-how-to-detect-login-rights/#findComment-86482 Share on other sites More sharing options...
ober Posted September 5, 2006 Share Posted September 5, 2006 1) echo "Welcome " . $_COOKIE['mysite_username'];2) Depends on your implementation... sessions or cookies:<?phpif($_SESSION['user_level'] == 2){ echo "whatever content";}else{ echo "other content";}?> Quote Link to comment https://forums.phpfreaks.com/topic/19779-cannot-modify-header-error-how-to-detect-login-rights/#findComment-86483 Share on other sites More sharing options...
markspec87 Posted September 5, 2006 Author Share Posted September 5, 2006 How would i do it based on what the above login script is using?EDIT: also could the welcome message say that, but if they arent logged in say "your not logged in, signup here" etcthanks for all your help. Quote Link to comment https://forums.phpfreaks.com/topic/19779-cannot-modify-header-error-how-to-detect-login-rights/#findComment-86486 Share on other sites More sharing options...
ober Posted September 5, 2006 Share Posted September 5, 2006 Well, you haven't implemented anything as far as user levels in that script or indicated whether you want to use cookies or sessions.As far as that, you just have to check if the cookie is set:[code]<?phpif(!isset($_COOKIE['mysite_username'])){ echo "Please signup";}else{ echo "Welcome ....";}?>[/code] Quote Link to comment https://forums.phpfreaks.com/topic/19779-cannot-modify-header-error-how-to-detect-login-rights/#findComment-86493 Share on other sites More sharing options...
markspec87 Posted September 5, 2006 Author Share Posted September 5, 2006 Ok ive signed up on the site / Logged in ,yet the text still says "your not logged in"Am i missing something? Quote Link to comment https://forums.phpfreaks.com/topic/19779-cannot-modify-header-error-how-to-detect-login-rights/#findComment-86503 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.