Jump to content

Archived

This topic is now archived and is closed to further replies.

kevdotbadger

Logging In Help!

Recommended Posts

I made a simple news update system a few nights ago using dreamweaver.

 

I had a few problems with logging in but all is fine now, or is it?Well it isnt. It seems that once i have logged (whic forwards to broswer to the admin;php page, from here i have links to add_news.php, update_news.php and delete_new.php) when i go to the "add_new.php" page is seems to bring this error up.

 

Notice: A session had already been started - ignoring session_start() in c:\program files\easyphp1-8\www\news update\add_news.php on line 25

 

Warning: Cannot modify header information - headers already sent by (output started at c:\program files\easyphp1-8\www\news update\add_news.php:25) in c:\program files\easyphp1-8\www\news update\add_news.php on line 63

 

Right line 25 shows;

 

<?php
   session_start();
   $MM_authorizedUsers = "";
   $MM_donotCheckaccess = "true";

   // *** Restrict Access To Page: Grant or deny access to this page
   function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
   // For security, start by assuming the visitor is NOT authorized.
   $isValid = False;

   // When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
   // Therefore, we know that a user is NOT logged in if that Session variable is blank.
   if (!empty($UserName)) {
   // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
   // Parse the strings into arrays.
   $arrUsers = Explode(",", $strUsers);
   $arrGroups = Explode(",", $strGroups);
   if (in_array($UserName, $arrUsers)) {
   $isValid = true;
   }
   // Or, you may restrict access to only certain users based on their username.
   if (in_array($UserGroup, $arrGroups)) {
   $isValid = true;
   }
   if (($strUsers == "") && true) {
   $isValid = true;
   }
   }
   return $isValid;
   }

   $MM_restrictGoTo = "failed.php";
   if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
   $MM_qsChar = "?";
   $MM_referrer = $_SERVER['PHP_SELF'];
   if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
   if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
   $MM_referrer .= "?" . $QUERY_STRING;
   $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
   header("Location: ". $MM_restrictGoTo);
   exit;
   }
   ?>

 

 

AND

 

 

Lines 63 shows;

 

[/code]

header("Location: ". $MM_restrictGoTo);

 




The whole page code is;


  [CODE]
<?php require_once('Connections/news_update.php'); ?>
   <?php
   //initialize the session
   session_start();

   // ** Logout the current user. **
   $logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";
   if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){
   $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);
   }

   if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){
   //to fully log out a visitor we need to clear the session varialbles
   session_unregister('MM_Username');
   session_unregister('MM_UserGroup');

   $logoutGoTo = "logout.php";
   if ($logoutGoTo) {
   header("Location: $logoutGoTo");
   exit;
   }
   }
   ?>
   <?php
   session_start();
   $MM_authorizedUsers = "";
   $MM_donotCheckaccess = "true";

   // *** Restrict Access To Page: Grant or deny access to this page
   function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
   // For security, start by assuming the visitor is NOT authorized.
   $isValid = False;

   // When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
   // Therefore, we know that a user is NOT logged in if that Session variable is blank.
   if (!empty($UserName)) {
   // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
   // Parse the strings into arrays.
   $arrUsers = Explode(",", $strUsers);
   $arrGroups = Explode(",", $strGroups);
   if (in_array($UserName, $arrUsers)) {
   $isValid = true;
   }
   // Or, you may restrict access to only certain users based on their username.
   if (in_array($UserGroup, $arrGroups)) {
   $isValid = true;
   }
   if (($strUsers == "") && true) {
   $isValid = true;
   }
   }
   return $isValid;
   }

   $MM_restrictGoTo = "failed.php";
   if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
   $MM_qsChar = "?";
   $MM_referrer = $_SERVER['PHP_SELF'];
   if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
   if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
   $MM_referrer .= "?" . $QUERY_STRING;
   $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
   header("Location: ". $MM_restrictGoTo);
   exit;
   }
   ?>
   <?php
   function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
   {
   $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

   switch ($theType) {
   case "text":
   $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
   break;
   case "long":
   case "int":
   $theValue = ($theValue != "") ? intval($theValue) : "NULL";
   break;
   case "double":
   $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
   break;
   case "date":
   $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
   break;
   case "defined":
   $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
   break;
   }
   return $theValue;
   }

   $editFormAction = $_SERVER['PHP_SELF'];
   if (isset($_SERVER['QUERY_STRING'])) {
   $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
   }

   if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "add_news")) {
   $insertSQL = sprintf("INSERT INTO newsarticle (title, news, `user`, `date`) VALUES (%s, %s, %s, %s)",
   GetSQLValueString($_POST['title'], "text"),
   GetSQLValueString($_POST['message'], "text"),
   GetSQLValueString($_POST['name'], "text"),
   GetSQLValueString($_POST['date'], "text"));

   mysql_select_db($database_news_update, $news_update);
   $Result1 = mysql_query($insertSQL, $news_update) or die(mysql_error());

   $insertGoTo = "news_admin.php";
   if (isset($_SERVER['QUERY_STRING'])) {
   $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
   $insertGoTo .= $_SERVER['QUERY_STRING'];
   }
   header(sprintf("Location: %s", $insertGoTo));
   }

   mysql_select_db($database_news_update, $news_update);
   $query_add_nes = "SELECT * FROM newsarticle";
   $add_nes = mysql_query($query_add_nes, $news_update) or die(mysql_error());
   $row_add_nes = mysql_fetch_assoc($add_nes);
   $totalRows_add_nes = mysql_num_rows($add_nes);
   ?>
   <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
   <html>
   <head>
   <title>add news</title>
   <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
   <script language="JavaScript" type="text/JavaScript">
   <!--
   function MM_reloadPage(init) { //reloads the window if Nav4 resized
   if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) {
   document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }}
   else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload();
   }
   MM_reloadPage(true);
   //-->
   </script>
   <link href="font.css" rel="stylesheet" type="text/css">
   <style type="text/css">
   <!--
   .style1 {color: #FFFFFF}
   -->
   </style>
   </head>

   <body>
   <table border="0" align="center" cellpadding="0" cellspacing="0">
   <tr>
   <td width="600" height="28" valign="top"></td>
   </tr>
   <tr>
   <td width="600" height="89" valign="top" background="img/logo.gif"> </td>
   </tr>
   <tr>
   <td width="600" height="32" valign="top" class="font"><div align="right"><a href="<?php echo $logoutAction ?>">Log out</a> </div></td>
   </tr>
   <tr>
   <td width="600" height="230" valign="top"><p class="font">Fill in the form below to add news to the news.php page. <br>
   <br>
   </p>
   <form action="<?php echo $editFormAction; ?>" method="POST" name="add_news" id="add_news">
   <div align="left">
   <p align="right"><span class="font">Name
   <input name="name" type="text" id="name">
   <br>
   <br>
   Title
   <input name="title" type="text" id="title">
   <br>
   <br>
   Message
   <input name="message" type="text" id="message">
   <br>
   <br>
   Date
   <input name="date" type="text" id="date" align="middle">
   <br>
   <br>
   </span>
   <input name="Submit" type="submit" class="font" value="add news">
   </p>
   </div>
   <input type="hidden" name="MM_insert" value="add_news">
   </form>
   <p class="font"> </p></td>
   </tr>
   <tr>
   <td width="600" height="30" valign="top"> </td>
   </tr>
   <tr>
   <td width="600" height="1" valign="top"><img src="transparent.gif" alt="" width="600" height="1"></td>
   </tr>
   </table>

   </body>
   </html>
   <?php
   mysql_free_result($add_nes);
   ?>

 

 

Any ideas?

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.