zhshero Posted December 8, 2010 Share Posted December 8, 2010 everytime i go to login or register on my site i get this in the URL:http://localhost/%3C?$_SERVER['PHP_SELF']?%3E <form class="form" action="<?$_SERVER['PHP_SELF']?>" method="post"> Quote Link to comment Share on other sites More sharing options...
Buddski Posted December 8, 2010 Share Posted December 8, 2010 Try this. <form class="form" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> Quote Link to comment Share on other sites More sharing options...
zhshero Posted December 8, 2010 Author Share Posted December 8, 2010 and that solved the problem new problem Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\xampp\htdocs\login.php:51) in C:\xampp\htdocs\functions.php on line 160 Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\login.php:51) in C:\xampp\htdocs\login.php on line 64 i shouldn't even be getting errors with my site all i did was moved webhosts :S Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted December 8, 2010 Share Posted December 8, 2010 Don't use $_SERVER['PHP_SELF'] to submit a form to itself, it presents a known XSS vulnerability. Just use action="" As for the second error, you're calling session_start() after there has been some other output to the browser. If you weren't getting that error before, the previous host probably had error_reporting = Off. Quote Link to comment Share on other sites More sharing options...
zhshero Posted December 8, 2010 Author Share Posted December 8, 2010 i don't think i have controll over the error_reporting on the webhost :/ Quote Link to comment Share on other sites More sharing options...
zhshero Posted December 8, 2010 Author Share Posted December 8, 2010 Warning: Cannot modify header information - headers already sent by (output started at /home/zhshero/public_html/home.php:2) in /home/zhshero/public_html/functions.php on line 57 line 57 at functions.php header ( "Location: " . REDIRECT_TO_LOGIN ); i have a lot of thoses header redirects in there would it still work if i'm getting this error or no b/c of right now i'm really not sure of a way around this unless i contact my host :/ Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted December 8, 2010 Share Posted December 8, 2010 The output was sent on line 2 of home.php. We need to see that code. Ken Quote Link to comment Share on other sites More sharing options...
zhshero Posted December 8, 2010 Author Share Posted December 8, 2010 line one is just a line with nothing on it i'm using notepad++ to edit files and thats how it shows 1. 2.<?php 3. include "sessionStore.php"; Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted December 8, 2010 Share Posted December 8, 2010 you can't have any output to the browser, not even an empty line before session_start(). Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.