simcoweb Posted September 22, 2006 Share Posted September 22, 2006 I modified this register.php script to include image CAPTCHA (courtesy of AndyB) and have it working in regards to validation. However, after validating everything and then executing the query, etc. I get a premature header error at the line redirecting the user to the next page. Here's the full code:[code]<?phpsession_start();// Turn on magic quotes to prevent SQL injection attacksif(!get_magic_quotes_gpc()) set_magic_quotes_runtime(1); if (isset($_POST['submit'])) {// clean and check form inputs including the secure image code $username = trim(strip_tags($_POST['username'])); $email = trim(strip_tags($_POST['email'])); $password = trim(strip_tags($_POST['password'])); $confirmPass = trim(strip_tags($_POST['confirmPass'])); $secure = strtoupper(trim(strip_tags($_POST['secure']))); $match = $_SESSION['loggedin']; // the code on the image// input error checking if ($username=="") { $err.= "Please provide a username<br/>"; } if (!$email) { $err.= "Please provide your email address<br>"; } if ($email) { if (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) { $err.= $email. " is not a valid email address.<br/>"; } } if ($password=="") { $err.= "Please provide password<br/>"; } if ($confirmPass=="") { $err.= "Please confirm your password.<br/>"; } if ($confirmPass != $password) { $err.= "Your passwords do not match. Please re-enter your passwords."; } if (!$secure) { $err.= "No security code entered<br/>"; } if (($secure!=$match) && ($secure!="")) { $err.= "Security code mismatch<br/>"; } if ($err=="") { // success - input passed all tests include 'dbconfig.php'; // Connect to database $eg_objConn1 = mysql_connect($dbhost, $dbuser, $dbpass); mysql_select_db($dbname, $eg_objConn1); //check if username already exists $sql_user_check = "SELECT * FROM plateau_pros WHERE username='$username'"; $result_name_check = mysql_query($sql_user_check); $usersfound = mysql_num_rows($result_name_check); mysql_query($sql_user_check); // if user found, note that and endif ($usersfound > 0) { $eg_error['username'] = "Username $username is already in use. Please choose another username to continue."; } else { // Upload File $eg_success_File1 = false; if(!empty($_FILES['photo']['name'])) { // Check file is not larger than specified maximum size $eg_allowUpload = $_FILES['photo']['size'] <= 100000 ? true : false; // Check file is of the specified type if($eg_allowUpload) $eg_allowUpload = preg_match('/\\.(gif|jpg|jpeg|png)$/i', $_FILES['photo']['name']) ? true : false; if($eg_allowUpload) { if(is_uploaded_file($_FILES['photo']['tmp_name'])) { $eg_uploaddir = $_SERVER['DOCUMENT_ROOT']."/images/photo/"; $eg_uploadFile1 = $eg_uploaddir.rawurlencode($_FILES['photo']['name']); // Create a unique filename for the uploaded file $eg_i = 1; while (file_exists($eg_uploadFile1)) { $eg_separated_filename = explode(".",$eg_uploadFile1); if (substr($eg_separated_filename[0],-1) == $eg_i) { $eg_separated_filename[0] = substr($eg_separated_filename[0], 0, (strlen($eg_separated_filename[0])-1)); $eg_i++; } $eg_separated_filename[0] = $eg_separated_filename[0] . "$eg_i"; $eg_uploadFile1 = implode(".",$eg_separated_filename); } $eg_success_File1 = move_uploaded_file($_FILES['photo']['tmp_name'], $eg_uploadFile1); } } } // Run query$sql = "INSERT INTO `plateau_pros`(`username`, `password`, `confirmPass`, `firstname`, `lastname`, `email`, `business`, `title`, `address`, `city`, `zip`, `phone`, `fax`, `mobile`, `category`, `comments`, `specialties`, `photo`) VALUES ('$username', '$password', '$confirmPass', '$firstname', '$lastname', '$email', '$business', '$title', '$address', '$city', '$zip', '$phone', '$fax', '$mobile', '$category', '$comments', '$specialties', '$photo')";mysql_query($sql) or die(mysql_error());$newid = mysql_insert_id();echo $sql;// $sql2 = "INSERT INTO members_cat (`memberid`, `categoryid`) VALUES ('$newid', '$catid')";// mysql_query($sql2) or die(mysql_error());// $sql3 = "INSERT INTO specialties (`memberid`, `specialties`) VALUES ('$newid' '$specialties')";// mysql_query($sql3) or die(mysql_error());// set session ID and redirect to login page upon success// Set Session Value //$_SESSION['loggedin'] = @$_POST['username']; // Go to page header("Location: login.php"); exit;}}}?>[/code]NOTE: Some items are commented out on purpose while I was testing to find the error(s). Here's the actual error message:[quote]Warning: Cannot modify header information - headers already sent by (output started at /home2/wwwplat/public_html/register-test.php:105) in /home2/wwwxxx/public_html/register-test.php on line 117[/quote]Normally this means there's some HTML parsing before the header() command but I don't see it. Help? Quote Link to comment Share on other sites More sharing options...
onlyican Posted September 22, 2006 Share Posted September 22, 2006 This happens when you try send HTM header once you sent the <html> codea simple solutionplace on_start();on the top of the scriptAlso noteat the top of THIS forumhttp://www.phpfreaks.com/forums/index.php/topic,37442.0.html Quote Link to comment Share on other sites More sharing options...
simcoweb Posted September 22, 2006 Author Share Posted September 22, 2006 The on_start(); right after the <?php causes a fatal error:Fatal error: Call to undefined function: on_start() in /home2/wwwxxxx/public_html/register-test.php on line 2Ok, that thread explains the header issue but i'm not seeing, based upon their ideal model, where i'm out of sync. [quote][PHP processing the form (if it was sent) and storing the results][HTML starting the page and layout][PHP echoing the results][form code if failed - exit(); if successful][/quote]Mine goes like this:PHP for validation and processing the form.PHP includes if statements for validation and error controlIf no errors it parses the form data, uploads the photo, and sends them to another page via 'header()' tag.HTML layout and codeIf i'm understanding this correctly about why there's errors, upon Submit it's sending an HTML header? And, once it hits my header() tag it snags the error due to the previously parsed HTML headers? Quote Link to comment Share on other sites More sharing options...
onlyican Posted September 22, 2006 Share Posted September 22, 2006 ob_start() sorrythen you can have headers() in the middle of the script Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.