kevdotbadger Posted April 28, 2005 Share Posted April 28, 2005 I made a simple news update system a few nights ago using dreamweaver. I had a few problems with logging in but all is fine now, or is it?Well it isnt. It seems that once i have logged (whic forwards to broswer to the admin;php page, from here i have links to add_news.php, update_news.php and delete_new.php) when i go to the "add_new.php" page is seems to bring this error up. Notice: A session had already been started - ignoring session_start() in c:\program files\easyphp1-8\www\news update\add_news.php on line 25 Warning: Cannot modify header information - headers already sent by (output started at c:\program files\easyphp1-8\www\news update\add_news.php:25) in c:\program files\easyphp1-8\www\news update\add_news.php on line 63 Right line 25 shows; <?php session_start(); $MM_authorizedUsers = ""; $MM_donotCheckaccess = "true"; // *** Restrict Access To Page: Grant or deny access to this page function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { // For security, start by assuming the visitor is NOT authorized. $isValid = False; // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. // Therefore, we know that a user is NOT logged in if that Session variable is blank. if (!empty($UserName)) { // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. // Parse the strings into arrays. $arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); if (in_array($UserName, $arrUsers)) { $isValid = true; } // Or, you may restrict access to only certain users based on their username. if (in_array($UserGroup, $arrGroups)) { $isValid = true; } if (($strUsers == "") && true) { $isValid = true; } } return $isValid; } $MM_restrictGoTo = "failed.php"; if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_SELF']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) $MM_referrer .= "?" . $QUERY_STRING; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); exit; } ?> AND Lines 63 shows; [/code] header("Location: ". $MM_restrictGoTo); The whole page code is; [CODE] <?php require_once('Connections/news_update.php'); ?> <?php //initialize the session session_start(); // ** Logout the current user. ** $logoutAction = $_SERVER['PHP_SELF']."?doLogout=true"; if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){ $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){ //to fully log out a visitor we need to clear the session varialbles session_unregister('MM_Username'); session_unregister('MM_UserGroup'); $logoutGoTo = "logout.php"; if ($logoutGoTo) { header("Location: $logoutGoTo"); exit; } } ?> <?php session_start(); $MM_authorizedUsers = ""; $MM_donotCheckaccess = "true"; // *** Restrict Access To Page: Grant or deny access to this page function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { // For security, start by assuming the visitor is NOT authorized. $isValid = False; // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. // Therefore, we know that a user is NOT logged in if that Session variable is blank. if (!empty($UserName)) { // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. // Parse the strings into arrays. $arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); if (in_array($UserName, $arrUsers)) { $isValid = true; } // Or, you may restrict access to only certain users based on their username. if (in_array($UserGroup, $arrGroups)) { $isValid = true; } if (($strUsers == "") && true) { $isValid = true; } } return $isValid; } $MM_restrictGoTo = "failed.php"; if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_SELF']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) $MM_referrer .= "?" . $QUERY_STRING; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); exit; } ?> <?php function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue; switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "add_news")) { $insertSQL = sprintf("INSERT INTO newsarticle (title, news, `user`, `date`) VALUES (%s, %s, %s, %s)", GetSQLValueString($_POST['title'], "text"), GetSQLValueString($_POST['message'], "text"), GetSQLValueString($_POST['name'], "text"), GetSQLValueString($_POST['date'], "text")); mysql_select_db($database_news_update, $news_update); $Result1 = mysql_query($insertSQL, $news_update) or die(mysql_error()); $insertGoTo = "news_admin.php"; if (isset($_SERVER['QUERY_STRING'])) { $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?"; $insertGoTo .= $_SERVER['QUERY_STRING']; } header(sprintf("Location: %s", $insertGoTo)); } mysql_select_db($database_news_update, $news_update); $query_add_nes = "SELECT * FROM newsarticle"; $add_nes = mysql_query($query_add_nes, $news_update) or die(mysql_error()); $row_add_nes = mysql_fetch_assoc($add_nes); $totalRows_add_nes = mysql_num_rows($add_nes); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>add news</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_reloadPage(init) { //reloads the window if Nav4 resized if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); //--> </script> <link href="font.css" rel="stylesheet" type="text/css"> <style type="text/css"> <!-- .style1 {color: #FFFFFF} --> </style> </head> <body> <table border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td width="600" height="28" valign="top"></td> </tr> <tr> <td width="600" height="89" valign="top" background="img/logo.gif"> </td> </tr> <tr> <td width="600" height="32" valign="top" class="font"><div align="right"><a href="<?php echo $logoutAction ?>">Log out</a> </div></td> </tr> <tr> <td width="600" height="230" valign="top"><p class="font">Fill in the form below to add news to the news.php page. <br> <br> </p> <form action="<?php echo $editFormAction; ?>" method="POST" name="add_news" id="add_news"> <div align="left"> <p align="right"><span class="font">Name <input name="name" type="text" id="name"> <br> <br> Title <input name="title" type="text" id="title"> <br> <br> Message <input name="message" type="text" id="message"> <br> <br> Date <input name="date" type="text" id="date" align="middle"> <br> <br> </span> <input name="Submit" type="submit" class="font" value="add news"> </p> </div> <input type="hidden" name="MM_insert" value="add_news"> </form> <p class="font"> </p></td> </tr> <tr> <td width="600" height="30" valign="top"> </td> </tr> <tr> <td width="600" height="1" valign="top"><img src="transparent.gif" alt="" width="600" height="1"></td> </tr> </table> </body> </html> <?php mysql_free_result($add_nes); ?> Any ideas? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.