Jump to content

Recommended Posts

Hi,

 

Im looking for a way of re-arranging my script(s) around to prevent headersalreadysent errors. I know i have a poor script design but since re-designing the site the script does not work where it previously had... im not sure whats gone wrong i just know that it needs to be changed somehow for it to work..

 

The error messages are coming from my login/check-login scripts:

 

Login.php: Contains the form

 

<form method="post" action="check_login.php">
<p>
<input type="submit" name="Submit2" value="go" />
</fieldset>
</form> 

 

Check_login.php: Proccess form data

 


<?php 
// Connects to your Database 
mysql_connect("server", "user", "password") or die(mysql_error()); 
mysql_select_db("DB") or die(mysql_error()); 

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{ 
	$username = $_COOKIE['ID_my_site']; 
	$pass = $_COOKIE['Key_my_site'];
	 	$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
	while($info = mysql_fetch_array( $check )) 	
		{
		if ($pass != $info['upassword']) 
			{
			 			}
		else
			{
			header("Location: members_area.php");

			}
		}
}

//if the login form is submitted 
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
	if(!$_POST['username'] | !$_POST['upassword']) {
		die('You did not fill in a required field.');
	}
	// checks it against the database

	if (!get_magic_quotes_gpc()) {
		$_POST['email'] = addslashes($_POST['email']);
	}
	$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
		die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>');
				}
while($info = mysql_fetch_array( $check )) 	
{
$_POST['upassword'] = stripslashes($_POST['upassword']);
	$info['upassword'] = stripslashes($info['upassword']);
	$_POST['upassword'] = md5($_POST['upassword']);

//gives error if the password is wrong
	if ($_POST['upassword'] != $info['upassword']) {
		die('Incorrect password, please try again.');
	}
  else 
{ 

// if login is ok then we add a cookie 
	 $_POST['username'] = stripslashes($_POST['username']); 
	 $hour = time() + 3600; 
setcookie(ID_my_site, $_POST['username'], $hour); 
setcookie(Key_my_site, $_POST['upassword'], $hour);	 

//then redirect them to the members area 
header("Location: members_area.php"); 
} 
} 
} 
else 
{	 

// if they are not logged in 
?> 
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> 
<table width="316" height="120" border="0"> 
<tr><td colspan=2><h1>Login</h1></td></tr> 
<tr><td>Username:</td><td> 
<input type="text" name="username" maxlength="40"> 
</td></tr> 
<tr><td>Password:</td><td> 
<input type="password" name="upassword" maxlength="50"> 
</td></tr> 
<tr><td colspan="2" align="right"> 
<input type="submit" name="submit" value="Login"> 
</td></tr> 
</table> 
</form> 
<?php 
} 

?>

 

Exact error messges read:

 

Warning: Cannot modify header information - headers already sent by (output started at /hermes/bosweb25a/b109/ipg.removalspacecom/check_login.php:11) in /hermes/bosweb25a/b109/ipg.removalspacecom/check_login.php on line 81

 

Warning: Cannot modify header information - headers already sent by (output started at /hermes/bosweb25a/b109/ipg.removalspacecom/check_login.php:11) in /hermes/bosweb25a/b109/ipg.removalspacecom/check_login.php on line 82

 

Warning: Cannot modify header information - headers already sent by (output started at /hermes/bosweb25a/b109/ipg.removalspacecom/check_login.php:11) in /hermes/bosweb25a/b109/ipg.removalspacecom/check_login.php on line 85

 

 

What do i have to do to change the script check_login around and make it work correctly? Thank you in advance

Link to comment
https://forums.phpfreaks.com/topic/259557-need-help-re-arranging-my-script/
Share on other sites

You're receiving the error because PHP has already sent the headers to the browser, at the point where you're trying to send a 'location' header. PHP does this as soon as it encounters any output; be it HTML, text or even white-space. Looks like you have some white-space before the opening <?php tag in check_login.php - remove that and the error should go away.

I have got rid of any white space before <?php tags that i can find, it doesn't seem to have done the trick?

 

<?php 
// Connects to your Database 
mysql_connect("server", "user", "password") or die(mysql_error()); 
mysql_select_db("DB") or die(mysql_error()); 

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{ 
$username = $_COOKIE['ID_my_site']; 
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check )) 	
{
if ($pass != $info['upassword']) 
{
}
else
{
header("Location: members_area.php");

			}
		}
}

//if the login form is submitted 
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
	if(!$_POST['username'] | !$_POST['upassword']) {
		die('You did not fill in a required field.');
	}
	// checks it against the database

	if (!get_magic_quotes_gpc()) {
		$_POST['email'] = addslashes($_POST['email']);
	}
	$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
		die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>');
				}
while($info = mysql_fetch_array( $check )) 	
{
$_POST['upassword'] = stripslashes($_POST['upassword']);
	$info['upassword'] = stripslashes($info['upassword']);
	$_POST['upassword'] = md5($_POST['upassword']);

//gives error if the password is wrong
	if ($_POST['upassword'] != $info['upassword']) {
		die('Incorrect password, please try again.');
	}
  else 
{ 

// if login is ok then we add a cookie 
	 $_POST['username'] = stripslashes($_POST['username']); 
	 $hour = time() + 3600; 
setcookie(ID_my_site, $_POST['username'], $hour); 
setcookie(Key_my_site, $_POST['upassword'], $hour);	 

//then redirect them to the members area 
header("Location: members_area.php"); 
} 
} 
} 
else 
{	 

// if they are not logged in 
?> 
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> 
<table width="316" height="120" border="0"> 
<tr><td colspan=2><h1>Login</h1></td></tr> 
<tr><td>Username:</td><td> 
<input type="text" name="username" maxlength="40"> 
</td></tr> 
<tr><td>Password:</td><td> 
<input type="password" name="upassword" maxlength="50"> 
</td></tr> 
<tr><td colspan="2" align="right"> 
<input type="submit" name="submit" value="Login"> 
</td></tr> 
</table> 
</form> 
<?php 
} 

?>

This is the full contents of check_login.php:

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<link href="styles/modified-style.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="header">
<h1>REMOVALSPACE.COM</h1></div>
<div id="wrapper">
   	  <div id="logo"></div>
        	<div id="menu">
        	  <h2><a href="index.php">Home</a> | <a href="login.php">Advertise with us</a> | <a href="about.php">Read about us</a> | <a href="contact.php">Contact us</a></h2>
      </div>
</div>
            	<div id="content">
<?php 
// Connects to your Database 
mysql_connect("server", "user", "password") or die(mysql_error()); 
mysql_select_db("DB") or die(mysql_error()); 

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{ 
$username = $_COOKIE['ID_my_site']; 
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check )) 	
{
if ($pass != $info['upassword']) 
{
}
else
{
header("Location: members_area.php");

			}
		}
}

//if the login form is submitted 
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
	if(!$_POST['username'] | !$_POST['upassword']) {
		die('You did not fill in a required field.');
	}
	// checks it against the database

	if (!get_magic_quotes_gpc()) {
		$_POST['email'] = addslashes($_POST['email']);
	}
	$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
		die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>');
				}
while($info = mysql_fetch_array( $check )) 	
{
$_POST['upassword'] = stripslashes($_POST['upassword']);
	$info['upassword'] = stripslashes($info['upassword']);
	$_POST['upassword'] = md5($_POST['upassword']);

//gives error if the password is wrong
	if ($_POST['upassword'] != $info['upassword']) {
		die('Incorrect password, please try again.');
	}
  else 
{ 

// if login is ok then we add a cookie 
	 $_POST['username'] = stripslashes($_POST['username']); 
	 $hour = time() + 3600; 
setcookie(ID_my_site, $_POST['username'], $hour); 
setcookie(Key_my_site, $_POST['upassword'], $hour);	 

//then redirect them to the members area 
header("Location: members_area.php"); 
} 
} 
} 
else 
{	 

// if they are not logged in 
?> 
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> 
<table width="316" height="120" border="0"> 
<tr><td colspan=2><h1>Login</h1></td></tr> 
<tr><td>Username:</td><td> 
<input type="text" name="username" maxlength="40"> 
</td></tr> 
<tr><td>Password:</td><td> 
<input type="password" name="upassword" maxlength="50"> 
</td></tr> 
<tr><td colspan="2" align="right"> 
<input type="submit" name="submit" value="Login"> 
</td></tr> 
</table> 
</form> 
<?php 
} 

?>
</div>

                	<div id="sidebar">
                	  <h3>Home <br /><br /><br /> Advertise with us <br /><br /><br /> Read about us <br /><br /><br /> Contact us</h3>
                	  <h3>Removals</h3>
                	</div>
<div id="footer"></div>
</body>
</html>

This constitutes as "HTML, text or even white-space":

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<link href="styles/modified-style.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="header">
<h1>REMOVALSPACE.COM</h1></div>
<div id="wrapper">
   	  <div id="logo"></div>
        	<div id="menu">
        	  <h2><a href="index.php">Home</a> | <a href="login.php">Advertise with us</a> | <a href="about.php">Read about us</a> | <a href="contact.php">Contact us</a></h2>
      </div>
</div>
            	<div id="content">

 

There can be no output before trying to sending a HTTP header. Why does the 'check login' file output the HTML header anyways? I would move that to it's own file (header.php or something), and only include it once you have verified their login and completed all your application logic.

No you should be checking they're logged in for every page (generally), I'm saying don't have the header HTML within a file you've called "check_login.php". Doesn't make sense. Instead put the header HTML it in it's own file (header.php or something) and include that once you have verified their login and performed all your database queries and stuff (your application logic).

In my haste i've deleted the html part. I only have the php part left, if we start over:

 

this script is sending me straight to the members area WITHOUT asking for a username or password?

 

How do i modify it to do this:

 

<?php 
// Connects to your Database 
mysql_connect("server", "user", "password") or die(mysql_error()); 
mysql_select_db("DB") or die(mysql_error()); 

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{ 
$username = $_COOKIE['ID_my_site']; 
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check )) 	
{
if ($pass != $info['upassword']) 
{
}
else
{
header("Location: members_area.php");

			}
		}
}

//if the login form is submitted 
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
	if(!$_POST['username'] | !$_POST['upassword']) {
		die('You did not fill in a required field.');
	}
	// checks it against the database

	if (!get_magic_quotes_gpc()) {
		$_POST['email'] = addslashes($_POST['email']);
	}
	$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
		die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>');
				}
while($info = mysql_fetch_array( $check )) 	
{
$_POST['upassword'] = stripslashes($_POST['upassword']);
	$info['upassword'] = stripslashes($info['upassword']);
	$_POST['upassword'] = md5($_POST['upassword']);

//gives error if the password is wrong
	if ($_POST['upassword'] != $info['upassword']) {
		die('Incorrect password, please try again.');
	}
  else 
{ 

// if login is ok then we add a cookie 
	 $_POST['username'] = stripslashes($_POST['username']); 
	 $hour = time() + 3600; 
setcookie(ID_my_site, $_POST['username'], $hour); 
setcookie(Key_my_site, $_POST['upassword'], $hour);	 

//then redirect them to the members area 
header("Location: members_area.php"); 
} 
} 
} 
else 
{	 

// if they are not logged in 
?> 
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> 
<table width="316" height="120" border="0"> 
<tr><td colspan=2><h1>Login</h1></td></tr> 
<tr><td>Username:</td><td> 
<input type="text" name="username" maxlength="40"> 
</td></tr> 
<tr><td>Password:</td><td> 
<input type="password" name="upassword" maxlength="50"> 
</td></tr> 
<tr><td colspan="2" align="right"> 
<input type="submit" name="submit" value="Login"> 
</td></tr> 
</table> 
</form> 
<?php 
} 

?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.