Having trouble with session_regenerate_id()

[offdarip]

Why am i Getting this?

 

Warning: session_regenerate_id() [function.session-regenerate-id]: Cannot regenerate session id - headers already sent in .....

<?php

if(isset ($_POST['email'])){

//Start session
session_start();

require_once "scripts/mysqlconnect.php";

$remember = $_POST['remember']; // Added for the remember me feature

// Make the posted variable SQL safe
$email = eregi_replace("`", "", mysql_real_escape_string(strip_tags($_POST['email'])));
$password = md5(eregi_replace("`", "", mysql_real_escape_string(strip_tags($_POST['password']))));

// Create query. !! You need to rename your 'username' column in your database to 'email' !!
$qry = "SELECT * FROM members WHERE email='$email' AND password='$password' AND email_activated='1'";
// Run query
$result=mysql_query($qry);

//Check whether the query was successful or not
if($result) {
	// If one row was returned (if there was a match)
	if(mysql_num_rows($result) == 1) {
		// Login Successful
		// Get a new session ID
		session_regenerate_id();
		// Get the row as an array
		$member = mysql_fetch_assoc($result);
		// Create session variables
		$_SESSION['LOGINID'] = $member['loginid'];
		$_SESSION['EMAIL'] = $member['email'];
		$_SESSION['USERNAME'] = $member['username'];

		// Stop writing to the session
		session_write_close();

		// Create a variable for the member ID, you can't include $member['id'] in the SQL statement
		$id = $member['loginid'];		

		// Update the table with the current time
		mysql_query("UPDATE members SET last_log_date=NOW() WHERE loginid='$id'"); 

		// Remember Me Section Addition... if member has chosen to be remembered in the system
	    if($remember == "yes") {
	      setcookie("idCookie", $id, time()+60*24*60*60, "/");
	      setcookie("usernameCookie", $username, time()+60*24*60*60, "/");
	      setcookie("emailCookie", $email, time()+60*24*60*60, "/");
	      setcookie("passwordCookie", $password, time()+60*24*60*60, "/");
	    }	

	// Redirect to the members only page
	//header("location: ".$_SERVER['PHP_SELF']."");
   /* Quick self-redirect to avoid resending data on refresh */
   echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[php_SELF]\">";
   return;


	exit(); }

} else {
	die("Query failed");
}
} 
?>
<style type="text/css">
<!--
body {
margin-left: 0px;
margin-top: 0px;
margin-right: 0px;
margin-bottom: 0px;
color: #0F0;
}
#apDiv1 {
position:relative;
width:241px;
height:0px;
z-index:1;
left: -270px;
top: 0px;
}
-->
</style><div align="center">
  <div id="apDiv1">
    <form action="" method="post">
      <p>Email
        <input type="text" name="email" id="email" size="15" />
      </p>
      <p>Password
        <input type="password" name="password" id="password" size="15"/>
      </p>
      <p>
        Remember
        <input type="checkbox" name="Remember" id="Remember" /><input name="Submit" type="submit" value="Login"/>
      </p>
    </form>
  </div>
  <img src="/images/header.jpg" width="950" height="100" />
</div>

[PFMaBiSmAd]

If you read the error message, it tells you where the output is occurring at that is preventing the session_regenerate_id() from working. You would need to find and eliminate that output.

[offdarip]

It says its coming from line 27 but line 27 is session_regenerate_id()

[Oziam]

try

 

ob_start();

 

session_regenerate_id();

 

ob_end_flush();

 

EDIT: put ob_start(); just before the line require_once "scripts/mysqlconnect.php";

 

usually this error is caused when you try to send headers after they are already sent, so you need to set ob_start() function to send them to the buffer.

[offdarip]

Thanks for the replies but still no good.. same error just bumped down to line 29 because of the addition to script.. Any other ideas?

[Pikachu2000]

Paste the actual error here.

[offdarip]

Warning: session_regenerate_id() [function.session-regenerate-id]: Cannot regenerate session id - headers already sent in /hermes/bosweb/web263/b2638/ipw.mysite/public_html/header_tmpnite.php on line 27

[Oziam]

session_start(); should always be at the start of your page BEFORE any data is output!!!!

 

<?PHP

session_start();

 

// rest of code!

 

also see this! http://www.phpfreaks.com/forums/index.php/topic,37442.0.html

[offdarip]

Thank you for the tip, I changed it but that still did not correct the problem

[PFMaBiSmAd]

Unfortunately, the error message doesn't include the most important piece of information, where the output is occurring at.

 

Since your session_start() is working without producing an error and I don't see any code that is sending output, it's likely that your mysqlconnect.php file is sending something out to the browser.

 

If you put your require_once "scripts/mysqlconnect.php"; statement before the session_start(), you will likely get an error message from the session_start that tells you there is some output from the mysqlconnect.php file and as has already been stated, you must find and eliminate the output that is occurring.

[offdarip]

This is all i have in the mysqlconnect.php

<?php 

$db_host = "********";
// Username
$db_username = "********"; 
// Password
$db_pass = "*******"; 
//MySQL database 
$db_name = "*******";

// Run the connection here 
@mysql_connect("$db_host","$db_username","$db_pass") or die ("could not connect to mysql");
@mysql_select_db("$db_name") or die ("no database");
?>

[PFMaBiSmAd]

I didn't ask what you had in it, I suggested what you can do to find out where the output is occurring at.

 

You likely have some character(s) either before the <?php tag or after the ?> tag or the file has been saved with UFT-8 encoding and the Byte Order Mark characters are the output that is causing the problem.

[offdarip]

one other thing the error pops up when login is submitted but only stays for a second and redirects logged in... The 1st thing i check was if there was anything (spaces,etc.) before of after the

<?php ?>

[Pikachu2000]

The redirect is happening because you're using a meta refresh. Are there any other errors shown, or is that the only one?

[offdarip]

That is the only error showing and i am aware of the refresh i was just pointing that out that the login does work but the session_regenerate_id() part just errors out

[Pikachu2000]

Something is being sent to the browser before the session_regenerate_id() is called. Perhaps temporarily commenting out the meta refresh, and having a look at the html source will reveal something.