Jump to content

Warning: Cannot modify header information - headers already sent by


cjl

Recommended Posts

It gives me an error for lines 118 and 119. Where I am setting the cookies. Could someone please help out.

Thank you!

[code]<?
include("./database.php");
/**
* Checks whether or not the given username is in the
* database, if so it checks if the given password is
* the same password in the database for that user.
* If the user doesn't exist or if the passwords don't
* match up, it returns an error code (1 or 2).
* On success it returns 0.
*/
function checkUser($user_name, $user_password){

/* Verify that user is in database */
$q = "SELECT user_password FROM users WHERE user_name='$user_name'";
$result = mysql_query($q);
if(!$result){
return 1; //Indicates username failure
}

/* Retrieve password from result, strip slashes */
$dbarray = mysql_fetch_array($result);
$dbarray['user_password']  = stripslashes($dbarray['user_password']);
$user_password = stripslashes($user_password);

/* Validate that password is correct */
if($user_password == $dbarray['user_password']){
return 0; //Success! Username and password confirmed
} else{
return 2; //Indicates password failure
}
}

/**
* checkLogin - Checks if the user has already previously
* logged in, and a session with the user has already been
* established. Also checks to see if user has been remembered.
* If so, the database is queried to make sure of the user's
* authenticity. Returns true if the user has logged in.
*/
function checkLogin(){
  /* Check if user has been remembered */
  if(isset($_COOKIE['user_name']) && isset($_COOKIE['user_password'])){
      $_SESSION['user_name'] = $_COOKIE['user_name'];
      $_SESSION['user_password'] = $_COOKIE['user_password'];
  }

  /* Username and password have been set */
  if(isset($_SESSION['user_name']) && isset($_SESSION['user_password'])){
      /* Confirm that username and password are valid */
      if(checkUser($_SESSION['user_name'], $_SESSION['user_password']) != 0){
        /* Variables are incorrect, user not logged in */
        unset($_SESSION['user_name']);
        unset($_SESSION['user_password']);
        return false;
      }
      return true;
  }
  /* User not logged in */
  else{
      return false;
  }
}


/**
* Checks to see if the user has submitted his
* username and password through the login form,
* if so, checks authenticity in database and
* creates session.
*/
if(isset($_POST['sublogin'])){

// Check for an email address.
if (!empty($_POST['user_name'])) {
$user_name = escape_data($_POST['user_name']);
} else {
echo '<tr>';
echo '<td>';
echo '<table cellpadding="0" cellspacing="0">';
echo '<td width="8"></td>';
echo '<td width="200" style="font-family:Arial; font-size:10px; color:red;">You forgot to enter your username.</td>';
echo '</table>';
echo '</td>';
echo '</tr>';
$user_name = FALSE;
}

// Check for a password.
if (!empty($_POST['user_password'])) {
$user_password = escape_data($_POST['user_password']);
} else {
echo '<tr>';
echo '<td>';
echo '<table cellpadding="0" cellspacing="0">';
echo '<td width="8"></td>';
echo '<td width="200" style="font-family:Arial; font-size:10px; color:red;">You forgot to enter your password.</td>';
echo '</table>';
echo '</td>';
echo '</tr>';
$user_password = FALSE;
}

if($user_name && $user_password) {

/* Retrieve the user_name and password for that user_name/password combination. */
$query = "SELECT user_name, user_password FROM users WHERE user_name='$user_name' AND user_password=md5('$user_password')";
$result = @mysql_query ($query); // Run the query.
$row = mysql_fetch_array ($result, MYSQL_NUM); // Return a record, if applicable.

if($row) {


$_POST['user_name'] = stripslashes($_POST['user_name']);
$_SESSION['user_name'] = $_POST['user_name'];

$md5pass = md5($_POST['user_password']);
$_SESSION['user_password'] = $md5pass;

setcookie("user_name", $_SESSION['user_name'], time()+60*60*24*100);
setcookie("user_password", $_SESSION['user_password'], time()+60*60*24*100);

/* Quick self-redirect to avoid resending data on refresh */
echo '<meta http-equiv="Refresh" content="0;url=' . $_SERVER['PHP_SELF'];
if (isset($_GET['p'])) {
echo '?p=' . $_GET['p'];
}
if (isset($_GET['id'])) {
echo '?id=' . $_GET['id'];
}
echo '">';
return;

} else {
echo '<tr>';
echo '<td>';
echo '<table cellpadding="0" cellspacing="0">';
echo '<td width="8"></td>';
echo '<td width="300" style="font-family:Arial; font-size:10px; color:red;">Wrong username and password combination.</td>';
echo '</table>';
echo '</td>';
echo '</tr>';
}
}
}

/**
* Determines whether or not to display the login
* form or to show the user that he is logged in
* based on if the session variables are set.
*/
function displayLogin(){
  global $logged_in;
  if($logged_in){
?>
<td width="8"></td>
<td width="135" style="font-family:Arial; font-size:10px; color:#000000;">test</td>
<td width="8"></td>
<td style="font-family:Arial; font-size:10px; color:#000000;">
<form action="" method="post">
<input type="submit" name="logout" value="test">
</form>
</td>
<?php
  }
  else{
?>

<tr>
<td>
<table cellpadding="0" cellspacing="0">
<td width="8"></td>
<td width="135" style="font-family:Arial; font-size:10px; color:#000000;">Username</td>
<td width="8"></td>
<td style="font-family:Arial; font-size:10px; color:#000000;">Password</td>
</table>
</td>
</tr>
<tr>
<td>
<table cellpadding="0" cellspacing="0">
<form action="<?php echo $_SERVER['PHP_SELF']; ?><?php if(isset($_GET['p'])) { echo '?p=' . $_GET['p']; } ?>" method="post">
<td width="8"></td>
<td width="135"><input name="user_name" type="text" style="width:135px; height:18px; font-size:10px; border:0; padding: 2px 0px 0px 2px; background: url(images/login_box.gif)"></td>
<td width="8"></td>
<td><input name="user_password" type="password" style="width:135px; height:18px; font-size:10px; border:0; padding: 2px 0px 0px 2px; background: url(images/login_box.gif)"></td>
<td width="5"></td>
<td><input type="submit" name="sublogin" value="" style="width:25px; height:18px; border:0; background: url(images/login_go.gif)"></td>
</form>
</table>
</td>
</tr>
<tr>
<td height="6"></td>
</tr>
<tr>
<td>
<table cellpadding="0" cellspacing="0">
<td width="8"></td>
<td width="135" style="font-family:Arial; font-size:10px; color:#000000;">Register</td>
<td width="8"></td>
<td style="font-family:Arial; font-size:10px; color:#000000;">Forgotten Password?</td>
</table>
</td>
</tr>
<?
  }
}

/* Sets the value of the logged_in variable, which can be used in your code */
$logged_in = checkLogin();

?>[/code]
Link to comment
Share on other sites

It only echos the HTML if there is an error for them not posting a username or password, and the last echo is if both do not match the database files.

I wonder what could be a fix, ob_start(); NOT WORK.

Thanks.
Link to comment
Share on other sites

Warning: Cannot modify header information - headers already sent by (output started at D:\web_server\exitwound\news.php:32) in D:\web_server\exitwound\login-verify.php on line 103

Warning: Cannot modify header information - headers already sent by (output started at D:\web_server\exitwound\news.php:32) in D:\web_server\exitwound\login-verify.php on line 104
Link to comment
Share on other sites

[quote author=fiddy link=topic=112398.msg456138#msg456138 date=1161580564]
Try putting ob_start(); as your first line of code
[/quote]

This actually worked, I just placed it in the wrong place. THANK YOU SOO MUCH!
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.