Jump to content

Sessions Cookies error message


valgris

Recommended Posts

Hello again, I posted a question earlier about an include issue which I managed to fix but now I am dealing with a completely new error message and unlike before I don't even have a basic Idea of what is going on.

 

The error in question is -

 

An error occurred in script 'C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\IUS\Login\form_process.php' on line 10: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\IUS\Index.php:1)

Date/Time: 1-10-2012 16:49:31

 

the code for form_process.php is as follows

<?php # Script 16.8 - login.php
// This is the login page for the site.

require_once ('login/config2.inc.php'); 

// Start output buffering:
ob_start();

// Initialize a session:
session_start();

if (isset($_POST['submitted'])) {
require_once (MYSQL);

// Validate the email address:
if (!empty($_POST['email'])) {
	$e = mysqli_real_escape_string ($dbc, $_POST['email']);
} else {
	$e = FALSE;
}

// Validate the password:
if (!empty($_POST['pass'])) {
	$p = mysqli_real_escape_string ($dbc, $_POST['pass']);
} else {
	$p = FALSE;
}

if ($e && $p) { // If everything's OK.

	// Query the database:
	$q = "SELECT user_id, first_name, user_level FROM users WHERE (email='$e' AND pass=SHA1('$p')) AND active IS NULL";		
	$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));

	if (@mysqli_num_rows($r) == 1) { // A match was made.

		// Register the values & redirect:
		$_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC); 
		mysqli_free_result($r);
		mysqli_close($dbc);

		$url = BASE_URL . 'index.php'; // Define the URL:
		ob_end_clean(); // Delete the buffer.
		header("Location: $url");
		exit(); // Quit the script.

	} else { // No match was made.
		echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>';
	}

} else { // If everything wasn't OK.
	echo '<p class="error">Please try again.</p>';
}

mysqli_close($dbc);

} // End of SUBMIT conditional.
?>

 

The process also uses config2.php so I am including the code for that in-case it helps

 

 

<?php # Script 16.3 - config.inc.php

// ********************************** //
// ************ SETTINGS ************ //

// Flag variable for site status:
define('LIVE', FALSE);

// Admin contact address:
define('EMAIL', 'email@gmail.com');

// Site URL (base for all redirections):
define ('BASE_URL', 'localhost/IUS');

// Location of the MySQL connection script:
define ('MYSQL', 'login/mysqli_connect.php');

// Adjust the time zone for PHP 5.1 and greater:
date_default_timezone_set ('US/Eastern');

// ************ SETTINGS ************ //
// ********************************** //


// ****************************************** //
// ************ ERROR MANAGEMENT ************ //

// Create the error handler:
function my_error_handler ($e_number, $e_message, $e_file, $e_line, $e_vars) {

// Build the error message.
$message = "<p>An error occurred in script '$e_file' on line $e_line: $e_message\n<br />";

// Add the date and time:
$message .= "Date/Time: " . date('n-j-Y H:i:s') . "\n<br />";

// Append $e_vars to the $message:
$message .= "<pre>" . print_r ($e_vars, 1) . "</pre>\n</p>";

if (!LIVE) { // Development (print the error).

	echo '<div class="error">' . $message . '</div><br />';

} else { // Don't show the error:

	// Send an email to the admin:
	mail(EMAIL, 'Site Error!', $message, 'From: you@youremail.com');

	// Only print an error message if the error isn't a notice:
	if ($e_number != E_NOTICE) {
		echo '<div class="error">A system error occurred. We apologize for the inconvenience.</div><br />';
	}
} // End of !LIVE IF.

} // End of my_error_handler() definition.

// Use my error handler.
set_error_handler ('my_error_handler');

// ************ ERROR MANAGEMENT ************ //
// ****************************************** //

?>

 

At first I thought it was because cookies weren't enabled but I am positive they are, so I am really at a loss as-to what's going on, there is more to the error message, though its quite long and will take me a few minutes to go through and remove/alter any sensitive information.

Link to comment
Share on other sites

I have read the sticky topic but from what I can see the code is not outputting anything to the browser beforehand so I shouldn't be getting the error.

The script is called at the very top of the page before any html outputting.

Also the ob_start(); should take care of the output issue, shouldn't it?

 

The last post in the thread talks about byte order marks, could this be the issue? or am I missing something?

 

<?php # Script 16.8 - login.php
// This is the login page for the site.

require_once ('login/config2.inc.php'); 

// Start output buffering:
ob_start();

// Initialize a session:
session_start();

if (isset($_POST['submitted'])) {
require_once (MYSQL);

// Validate the email address:
if (!empty($_POST['email'])) {
	$e = mysqli_real_escape_string ($dbc, $_POST['email']);
} else {
	$e = FALSE;
}

// Validate the password:
if (!empty($_POST['pass'])) {
	$p = mysqli_real_escape_string ($dbc, $_POST['pass']);
} else {
	$p = FALSE;
}

if ($e && $p) { // If everything's OK.

	// Query the database:
	$q = "SELECT user_id, first_name, user_level FROM users WHERE (email='$e' AND pass=SHA1('$p')) AND active IS NULL";		
	$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));

	if (@mysqli_num_rows($r) == 1) { // A match was made.

		// Register the values & redirect:
		$_SESSION = mysqli_fetch_array ($r, MYSQLI_ASSOC); 
		mysqli_free_result($r);
		mysqli_close($dbc);

		$url = BASE_URL . 'index.php'; // Define the URL:
		ob_end_clean(); // Delete the buffer.
		header("Location: $url");
		exit(); // Quit the script.

	} else { // No match was made.
		echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>';
	}

} else { // If everything wasn't OK.
	echo '<p class="error">Please try again.</p>';
}

mysqli_close($dbc);

} // End of SUBMIT conditional.
?>

Link to comment
Share on other sites

The error message tells you where the output is occurring.

 

An error occurred in script 'C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\IUS\Login\form_process.php' on line 10: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\Program Files\Apache Software Foundation\Apache2.2\htdocs\IUS\Index.php:1)

 

So, the output is starting on line 1 of index.php. What is the content of that file?

Link to comment
Share on other sites

The code for line 1 of index.php is

 

<?php include ('Login/form_process.php'); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

 

Its just an include for the form_process.php I don't see why it would cause that error message?

 

The entire page is as follows -

 

<?php include ('Login/form_process.php'); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
    <title>IUS Home</title>
    <link href="style.css" rel="stylesheet" type="text/css" />
   
    <script language="javascript" type="text/javascript">
// <!CDATA[

        function TextArea1_onclick() {

        }

// ]]>
    </script>
</head>
<body> 
<div>
<form action="" method="post" class="LoginForm">
<fieldset>
<?php
if (isset($_POST['submitted'])) {

// Validate the email address:
if (empty($_POST['email'])) {
	echo '<p class="error">enter your email!</p>';
}
}
?>	
<p><b>Email Address:</b></p>
<p> 
  <input type="text" name="email" size="20" maxlength="40" />
  </p>

    <?php
if (isset($_POST['submitted'])) {

// Validate the password:
if (empty($_POST['pass'])) {

	echo '<p class="error">Enter your password!</p>';
}

} // End of VALIDATING.
?>


    <p><b>Password:</b></p>
    <p> <input type="password" name="pass" size="20" maxlength="20" />
    </p>
<div align="center"><input type="submit" name="submit" value="Login" /></div>
<input type="hidden" name="submitted" value="TRUE" />
</fieldset>
</form>
<!--END FORM-->
</div>
    </body>
</html>

<?php // Flush the buffered output.
ob_end_flush();
?>

Link to comment
Share on other sites

As long as there isn't a space before the <?php opening tag, it almost has to be a BOM saved with the file. Open it in your editor, and resave it as UTF-8, without BOM (most editors have an option for BOM/no BOM). See if that takes care of it.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.