Jump to content


Photo

Warning: Cannot modify header information - headers already sent by


  • Please log in to reply
5 replies to this topic

#1 cjl

cjl
  • New Members
  • Pip
  • Newbie
  • 5 posts

Posted 23 October 2006 - 05:12 AM

It gives me an error for lines 118 and 119. Where I am setting the cookies. Could someone please help out.

Thank you!

<?
include("./database.php");
/**
 * Checks whether or not the given username is in the
 * database, if so it checks if the given password is
 * the same password in the database for that user.
 * If the user doesn't exist or if the passwords don't
 * match up, it returns an error code (1 or 2). 
 * On success it returns 0.
 */
function checkUser($user_name, $user_password){

	/* Verify that user is in database */
	$q = "SELECT user_password FROM users WHERE user_name='$user_name'";
	$result = mysql_query($q);
	if(!$result){
		return 1; //Indicates username failure
	}

	/* Retrieve password from result, strip slashes */
	$dbarray = mysql_fetch_array($result);
	$dbarray['user_password']  = stripslashes($dbarray['user_password']);
	$user_password = stripslashes($user_password);

	/* Validate that password is correct */
	if($user_password == $dbarray['user_password']){
		return 0; //Success! Username and password confirmed
	} else{
		return 2; //Indicates password failure
	}
}

/**
 * checkLogin - Checks if the user has already previously
 * logged in, and a session with the user has already been
 * established. Also checks to see if user has been remembered.
 * If so, the database is queried to make sure of the user's 
 * authenticity. Returns true if the user has logged in.
 */
function checkLogin(){
   /* Check if user has been remembered */
   if(isset($_COOKIE['user_name']) && isset($_COOKIE['user_password'])){
      $_SESSION['user_name'] = $_COOKIE['user_name'];
      $_SESSION['user_password'] = $_COOKIE['user_password'];
   }

   /* Username and password have been set */
   if(isset($_SESSION['user_name']) && isset($_SESSION['user_password'])){
      /* Confirm that username and password are valid */
      if(checkUser($_SESSION['user_name'], $_SESSION['user_password']) != 0){
         /* Variables are incorrect, user not logged in */
         unset($_SESSION['user_name']);
         unset($_SESSION['user_password']);
         return false;
      }
      return true;
   }
   /* User not logged in */
   else{
      return false;
   }
}


/**
 * Checks to see if the user has submitted his
 * username and password through the login form,
 * if so, checks authenticity in database and
 * creates session.
 */
if(isset($_POST['sublogin'])){
	
	// Check for an email address.
	if (!empty($_POST['user_name'])) {
		$user_name = escape_data($_POST['user_name']);
	} else {
		echo '<tr>';
		echo '<td>';
		echo '<table cellpadding="0" cellspacing="0">';
		echo '<td width="8"></td>';
		echo '<td width="200" style="font-family:Arial; font-size:10px; color:red;">You forgot to enter your username.</td>';
		echo '</table>';
		echo '</td>';
		echo '</tr>';
		$user_name = FALSE;
	}
	
	// Check for a password.
	if (!empty($_POST['user_password'])) {
		$user_password = escape_data($_POST['user_password']);
	} else {
		echo '<tr>';
		echo '<td>';
		echo '<table cellpadding="0" cellspacing="0">';
		echo '<td width="8"></td>';
		echo '<td width="200" style="font-family:Arial; font-size:10px; color:red;">You forgot to enter your password.</td>';
		echo '</table>';
		echo '</td>';
		echo '</tr>';
		$user_password = FALSE;
	}
	
	if($user_name && $user_password) {
	
		/* Retrieve the user_name and password for that user_name/password combination. */
		$query = "SELECT user_name, user_password FROM users WHERE user_name='$user_name' AND user_password=md5('$user_password')";		
		$result = @mysql_query ($query); // Run the query.
		$row = mysql_fetch_array ($result, MYSQL_NUM); // Return a record, if applicable.
	
		if($row) {
	
	
			$_POST['user_name'] = stripslashes($_POST['user_name']);
			$_SESSION['user_name'] = $_POST['user_name'];
			
			$md5pass = md5($_POST['user_password']);
			$_SESSION['user_password'] = $md5pass;
			
			setcookie("user_name", $_SESSION['user_name'], time()+60*60*24*100);
			setcookie("user_password", $_SESSION['user_password'], time()+60*60*24*100);

			/* Quick self-redirect to avoid resending data on refresh */
			echo '<meta http-equiv="Refresh" content="0;url=' . $_SERVER['PHP_SELF'];
				if (isset($_GET['p'])) {
					echo '?p=' . $_GET['p'];
				}
				if (isset($_GET['id'])) {
					echo '?id=' . $_GET['id'];
				}
			echo '">';
			return;
			
		} else {
			echo '<tr>';
			echo '<td>';
			echo '<table cellpadding="0" cellspacing="0">';
			echo '<td width="8"></td>';
			echo '<td width="300" style="font-family:Arial; font-size:10px; color:red;">Wrong username and password combination.</td>';
			echo '</table>';
			echo '</td>';
			echo '</tr>';
		}
	}
}

/**
 * Determines whether or not to display the login
 * form or to show the user that he is logged in
 * based on if the session variables are set.
 */
function displayLogin(){
   global $logged_in;
   if($logged_in){
?>
												<td width="8"></td>
												<td width="135" style="font-family:Arial; font-size:10px; color:#000000;">test</td>
												<td width="8"></td>
												<td style="font-family:Arial; font-size:10px; color:#000000;">
												<form action="" method="post">
													<input type="submit" name="logout" value="test">
												</form>
												</td>
<?php
   }
   else{
?>
									
									<tr>
										<td>
											<table cellpadding="0" cellspacing="0">
												<td width="8"></td>
												<td width="135" style="font-family:Arial; font-size:10px; color:#000000;">Username</td>
												<td width="8"></td>
												<td style="font-family:Arial; font-size:10px; color:#000000;">Password</td>
											</table>
										</td>
									</tr>
									<tr>
										<td>
											<table cellpadding="0" cellspacing="0">
												<form action="<?php echo $_SERVER['PHP_SELF']; ?><?php if(isset($_GET['p'])) { echo '?p=' . $_GET['p']; } ?>" method="post">
													<td width="8"></td>
													<td width="135"><input name="user_name" type="text" style="width:135px; height:18px; font-size:10px; border:0; padding: 2px 0px 0px 2px; background: url(images/login_box.gif)"></td>
													<td width="8"></td>
													<td><input name="user_password" type="password" style="width:135px; height:18px; font-size:10px; border:0; padding: 2px 0px 0px 2px; background: url(images/login_box.gif)"></td>
													<td width="5"></td>
													<td><input type="submit" name="sublogin" value="" style="width:25px; height:18px; border:0; background: url(images/login_go.gif)"></td>
												</form>
											</table>
										</td>
									</tr>
									<tr>
										<td height="6"></td>
									</tr>
									<tr>
										<td>
											<table cellpadding="0" cellspacing="0">
												<td width="8"></td>
												<td width="135" style="font-family:Arial; font-size:10px; color:#000000;">Register</td>
												<td width="8"></td>
												<td style="font-family:Arial; font-size:10px; color:#000000;">Forgotten Password?</td>
											</table>
										</td>
									</tr>
<?
   }
}

/* Sets the value of the logged_in variable, which can be used in your code */
$logged_in = checkLogin();

?>


#2 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 23 October 2006 - 05:14 AM

you cannot have any html output before modifying headers. you have html output before your cookie setting stuff.
Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)

#3 fiddy

fiddy
  • Members
  • PipPipPip
  • Advanced Member
  • 75 posts

Posted 23 October 2006 - 05:16 AM

Try putting ob_start(); as your first line of code
:)

#4 cjl

cjl
  • New Members
  • Pip
  • Newbie
  • 5 posts

Posted 23 October 2006 - 05:19 AM

It only echos the HTML if there is an error for them not posting a username or password, and the last echo is if both do not match the database files.

I wonder what could be a fix, ob_start(); NOT WORK.

Thanks.

#5 cjl

cjl
  • New Members
  • Pip
  • Newbie
  • 5 posts

Posted 23 October 2006 - 06:30 PM

Warning: Cannot modify header information - headers already sent by (output started at D:\web_server\exitwound\news.php:32) in D:\web_server\exitwound\login-verify.php on line 103

Warning: Cannot modify header information - headers already sent by (output started at D:\web_server\exitwound\news.php:32) in D:\web_server\exitwound\login-verify.php on line 104

#6 cjl

cjl
  • New Members
  • Pip
  • Newbie
  • 5 posts

Posted 23 October 2006 - 06:39 PM

Try putting ob_start(); as your first line of code


This actually worked, I just placed it in the wrong place. THANK YOU SOO MUCH!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users