Jump to content

Recommended Posts

I made a simple news update system a few nights ago using dreamweaver.

 

I had a few problems with logging in but all is fine now, or is it?Well it isnt. It seems that once i have logged (whic forwards to broswer to the admin;php page, from here i have links to add_news.php, update_news.php and delete_new.php) when i go to the "add_new.php" page is seems to bring this error up.

 

Notice: A session had already been started - ignoring session_start() in c:\program files\easyphp1-8\www\news update\add_news.php on line 25

 

Warning: Cannot modify header information - headers already sent by (output started at c:\program files\easyphp1-8\www\news update\add_news.php:25) in c:\program files\easyphp1-8\www\news update\add_news.php on line 63

 

Right line 25 shows;

 

<?php
   session_start();
   $MM_authorizedUsers = "";
   $MM_donotCheckaccess = "true";

   // *** Restrict Access To Page: Grant or deny access to this page
   function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
   // For security, start by assuming the visitor is NOT authorized.
   $isValid = False;

   // When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
   // Therefore, we know that a user is NOT logged in if that Session variable is blank.
   if (!empty($UserName)) {
   // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
   // Parse the strings into arrays.
   $arrUsers = Explode(",", $strUsers);
   $arrGroups = Explode(",", $strGroups);
   if (in_array($UserName, $arrUsers)) {
   $isValid = true;
   }
   // Or, you may restrict access to only certain users based on their username.
   if (in_array($UserGroup, $arrGroups)) {
   $isValid = true;
   }
   if (($strUsers == "") && true) {
   $isValid = true;
   }
   }
   return $isValid;
   }

   $MM_restrictGoTo = "failed.php";
   if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
   $MM_qsChar = "?";
   $MM_referrer = $_SERVER['PHP_SELF'];
   if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
   if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
   $MM_referrer .= "?" . $QUERY_STRING;
   $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
   header("Location: ". $MM_restrictGoTo);
   exit;
   }
   ?>

 

 

AND

 

 

Lines 63 shows;

 

[/code]

header("Location: ". $MM_restrictGoTo);

 




The whole page code is;


  [CODE]
<?php require_once('Connections/news_update.php'); ?>
   <?php
   //initialize the session
   session_start();

   // ** Logout the current user. **
   $logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";
   if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){
   $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);
   }

   if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){
   //to fully log out a visitor we need to clear the session varialbles
   session_unregister('MM_Username');
   session_unregister('MM_UserGroup');

   $logoutGoTo = "logout.php";
   if ($logoutGoTo) {
   header("Location: $logoutGoTo");
   exit;
   }
   }
   ?>
   <?php
   session_start();
   $MM_authorizedUsers = "";
   $MM_donotCheckaccess = "true";

   // *** Restrict Access To Page: Grant or deny access to this page
   function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
   // For security, start by assuming the visitor is NOT authorized.
   $isValid = False;

   // When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
   // Therefore, we know that a user is NOT logged in if that Session variable is blank.
   if (!empty($UserName)) {
   // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
   // Parse the strings into arrays.
   $arrUsers = Explode(",", $strUsers);
   $arrGroups = Explode(",", $strGroups);
   if (in_array($UserName, $arrUsers)) {
   $isValid = true;
   }
   // Or, you may restrict access to only certain users based on their username.
   if (in_array($UserGroup, $arrGroups)) {
   $isValid = true;
   }
   if (($strUsers == "") && true) {
   $isValid = true;
   }
   }
   return $isValid;
   }

   $MM_restrictGoTo = "failed.php";
   if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
   $MM_qsChar = "?";
   $MM_referrer = $_SERVER['PHP_SELF'];
   if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
   if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
   $MM_referrer .= "?" . $QUERY_STRING;
   $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
   header("Location: ". $MM_restrictGoTo);
   exit;
   }
   ?>
   <?php
   function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
   {
   $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

   switch ($theType) {
   case "text":
   $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
   break;
   case "long":
   case "int":
   $theValue = ($theValue != "") ? intval($theValue) : "NULL";
   break;
   case "double":
   $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
   break;
   case "date":
   $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
   break;
   case "defined":
   $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
   break;
   }
   return $theValue;
   }

   $editFormAction = $_SERVER['PHP_SELF'];
   if (isset($_SERVER['QUERY_STRING'])) {
   $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
   }

   if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "add_news")) {
   $insertSQL = sprintf("INSERT INTO newsarticle (title, news, `user`, `date`) VALUES (%s, %s, %s, %s)",
   GetSQLValueString($_POST['title'], "text"),
   GetSQLValueString($_POST['message'], "text"),
   GetSQLValueString($_POST['name'], "text"),
   GetSQLValueString($_POST['date'], "text"));

   mysql_select_db($database_news_update, $news_update);
   $Result1 = mysql_query($insertSQL, $news_update) or die(mysql_error());

   $insertGoTo = "news_admin.php";
   if (isset($_SERVER['QUERY_STRING'])) {
   $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
   $insertGoTo .= $_SERVER['QUERY_STRING'];
   }
   header(sprintf("Location: %s", $insertGoTo));
   }

   mysql_select_db($database_news_update, $news_update);
   $query_add_nes = "SELECT * FROM newsarticle";
   $add_nes = mysql_query($query_add_nes, $news_update) or die(mysql_error());
   $row_add_nes = mysql_fetch_assoc($add_nes);
   $totalRows_add_nes = mysql_num_rows($add_nes);
   ?>
   <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
   <html>
   <head>
   <title>add news</title>
   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
   <script language="JavaScript" type="text/JavaScript">
   <!--
   function MM_reloadPage(init) { //reloads the window if Nav4 resized
   if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) {
   document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }}
   else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload();
   }
   MM_reloadPage(true);
   //-->
   </script>
   <link href="font.css" rel="stylesheet" type="text/css">
   <style type="text/css">
   <!--
   .style1 {color: #FFFFFF}
   -->
   </style>
   </head>

   <body>
   <table border="0" align="center" cellpadding="0" cellspacing="0">
   <tr>
   <td width="600" height="28" valign="top"></td>
   </tr>
   <tr>
   <td width="600" height="89" valign="top" background="img/logo.gif"> </td>
   </tr>
   <tr>
   <td width="600" height="32" valign="top" class="font"><div align="right"><a href="<?php echo $logoutAction ?>">Log out</a> </div></td>
   </tr>
   <tr>
   <td width="600" height="230" valign="top"><p class="font">Fill in the form below to add news to the news.php page. <br>
   <br>
   </p>
   <form action="<?php echo $editFormAction; ?>" method="POST" name="add_news" id="add_news">
   <div align="left">
   <p align="right"><span class="font">Name
   <input name="name" type="text" id="name">
   <br>
   <br>
   Title
   <input name="title" type="text" id="title">
   <br>
   <br>
   Message
   <input name="message" type="text" id="message">
   <br>
   <br>
   Date
   <input name="date" type="text" id="date" align="middle">
   <br>
   <br>
   </span>
   <input name="Submit" type="submit" class="font" value="add news">
   </p>
   </div>
   <input type="hidden" name="MM_insert" value="add_news">
   </form>
   <p class="font"> </p></td>
   </tr>
   <tr>
   <td width="600" height="30" valign="top"> </td>
   </tr>
   <tr>
   <td width="600" height="1" valign="top"><img src="transparent.gif" alt="" width="600" height="1"></td>
   </tr>
   </table>

   </body>
   </html>
   <?php
   mysql_free_result($add_nes);
   ?>

 

 

Any ideas?

Link to comment
https://forums.phpfreaks.com/topic/2281-logging-in-help/
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.