andy_b_1502 Posted March 23, 2012 Share Posted March 23, 2012 Hi, Im looking for a way of re-arranging my script(s) around to prevent headersalreadysent errors. I know i have a poor script design but since re-designing the site the script does not work where it previously had... im not sure whats gone wrong i just know that it needs to be changed somehow for it to work.. The error messages are coming from my login/check-login scripts: Login.php: Contains the form <form method="post" action="check_login.php"> <p> <input type="submit" name="Submit2" value="go" /> </fieldset> </form> Check_login.php: Proccess form data <?php // Connects to your Database mysql_connect("server", "user", "password") or die(mysql_error()); mysql_select_db("DB") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['upassword']) { } else { header("Location: members_area.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['upassword']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['upassword'] = stripslashes($_POST['upassword']); $info['upassword'] = stripslashes($info['upassword']); $_POST['upassword'] = md5($_POST['upassword']); //gives error if the password is wrong if ($_POST['upassword'] != $info['upassword']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['upassword'], $hour); //then redirect them to the members area header("Location: members_area.php"); } } } else { // if they are not logged in ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table width="316" height="120" border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="upassword" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php } ?> Exact error messges read: Warning: Cannot modify header information - headers already sent by (output started at /hermes/bosweb25a/b109/ipg.removalspacecom/check_login.php:11) in /hermes/bosweb25a/b109/ipg.removalspacecom/check_login.php on line 81 Warning: Cannot modify header information - headers already sent by (output started at /hermes/bosweb25a/b109/ipg.removalspacecom/check_login.php:11) in /hermes/bosweb25a/b109/ipg.removalspacecom/check_login.php on line 82 Warning: Cannot modify header information - headers already sent by (output started at /hermes/bosweb25a/b109/ipg.removalspacecom/check_login.php:11) in /hermes/bosweb25a/b109/ipg.removalspacecom/check_login.php on line 85 What do i have to do to change the script check_login around and make it work correctly? Thank you in advance Quote Link to comment https://forums.phpfreaks.com/topic/259557-need-help-re-arranging-my-script/ Share on other sites More sharing options...
Adam Posted March 23, 2012 Share Posted March 23, 2012 You're receiving the error because PHP has already sent the headers to the browser, at the point where you're trying to send a 'location' header. PHP does this as soon as it encounters any output; be it HTML, text or even white-space. Looks like you have some white-space before the opening <?php tag in check_login.php - remove that and the error should go away. Quote Link to comment https://forums.phpfreaks.com/topic/259557-need-help-re-arranging-my-script/#findComment-1330464 Share on other sites More sharing options...
andy_b_1502 Posted March 23, 2012 Author Share Posted March 23, 2012 I have got rid of any white space before <?php tags that i can find, it doesn't seem to have done the trick? <?php // Connects to your Database mysql_connect("server", "user", "password") or die(mysql_error()); mysql_select_db("DB") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['upassword']) { } else { header("Location: members_area.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['upassword']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['upassword'] = stripslashes($_POST['upassword']); $info['upassword'] = stripslashes($info['upassword']); $_POST['upassword'] = md5($_POST['upassword']); //gives error if the password is wrong if ($_POST['upassword'] != $info['upassword']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['upassword'], $hour); //then redirect them to the members area header("Location: members_area.php"); } } } else { // if they are not logged in ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table width="316" height="120" border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="upassword" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php } ?> Quote Link to comment https://forums.phpfreaks.com/topic/259557-need-help-re-arranging-my-script/#findComment-1330472 Share on other sites More sharing options...
Adam Posted March 23, 2012 Share Posted March 23, 2012 The error is claiming the output was started at line 11 in check_login.php - is what you've posted the full contents? Nothing before it? Quote Link to comment https://forums.phpfreaks.com/topic/259557-need-help-re-arranging-my-script/#findComment-1330478 Share on other sites More sharing options...
andy_b_1502 Posted March 23, 2012 Author Share Posted March 23, 2012 This is the full contents of check_login.php: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <link href="styles/modified-style.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="header"> <h1>REMOVALSPACE.COM</h1></div> <div id="wrapper"> <div id="logo"></div> <div id="menu"> <h2><a href="index.php">Home</a> | <a href="login.php">Advertise with us</a> | <a href="about.php">Read about us</a> | <a href="contact.php">Contact us</a></h2> </div> </div> <div id="content"> <?php // Connects to your Database mysql_connect("server", "user", "password") or die(mysql_error()); mysql_select_db("DB") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['upassword']) { } else { header("Location: members_area.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['upassword']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['upassword'] = stripslashes($_POST['upassword']); $info['upassword'] = stripslashes($info['upassword']); $_POST['upassword'] = md5($_POST['upassword']); //gives error if the password is wrong if ($_POST['upassword'] != $info['upassword']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['upassword'], $hour); //then redirect them to the members area header("Location: members_area.php"); } } } else { // if they are not logged in ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table width="316" height="120" border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="upassword" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php } ?> </div> <div id="sidebar"> <h3>Home <br /><br /><br /> Advertise with us <br /><br /><br /> Read about us <br /><br /><br /> Contact us</h3> <h3>Removals</h3> </div> <div id="footer"></div> </body> </html> Quote Link to comment https://forums.phpfreaks.com/topic/259557-need-help-re-arranging-my-script/#findComment-1330483 Share on other sites More sharing options...
Adam Posted March 23, 2012 Share Posted March 23, 2012 This constitutes as "HTML, text or even white-space": <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> <link href="styles/modified-style.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="header"> <h1>REMOVALSPACE.COM</h1></div> <div id="wrapper"> <div id="logo"></div> <div id="menu"> <h2><a href="index.php">Home</a> | <a href="login.php">Advertise with us</a> | <a href="about.php">Read about us</a> | <a href="contact.php">Contact us</a></h2> </div> </div> <div id="content"> There can be no output before trying to sending a HTTP header. Why does the 'check login' file output the HTML header anyways? I would move that to it's own file (header.php or something), and only include it once you have verified their login and completed all your application logic. Quote Link to comment https://forums.phpfreaks.com/topic/259557-need-help-re-arranging-my-script/#findComment-1330488 Share on other sites More sharing options...
andy_b_1502 Posted March 23, 2012 Author Share Posted March 23, 2012 So what your saying is in the login form, send them to the members area and check they have logged in on that page? Quote Link to comment https://forums.phpfreaks.com/topic/259557-need-help-re-arranging-my-script/#findComment-1330490 Share on other sites More sharing options...
Adam Posted March 23, 2012 Share Posted March 23, 2012 No you should be checking they're logged in for every page (generally), I'm saying don't have the header HTML within a file you've called "check_login.php". Doesn't make sense. Instead put the header HTML it in it's own file (header.php or something) and include that once you have verified their login and performed all your database queries and stuff (your application logic). Quote Link to comment https://forums.phpfreaks.com/topic/259557-need-help-re-arranging-my-script/#findComment-1330496 Share on other sites More sharing options...
andy_b_1502 Posted March 23, 2012 Author Share Posted March 23, 2012 In my haste i've deleted the html part. I only have the php part left, if we start over: this script is sending me straight to the members area WITHOUT asking for a username or password? How do i modify it to do this: <?php // Connects to your Database mysql_connect("server", "user", "password") or die(mysql_error()); mysql_select_db("DB") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['upassword']) { } else { header("Location: members_area.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['upassword']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['upassword'] = stripslashes($_POST['upassword']); $info['upassword'] = stripslashes($info['upassword']); $_POST['upassword'] = md5($_POST['upassword']); //gives error if the password is wrong if ($_POST['upassword'] != $info['upassword']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['upassword'], $hour); //then redirect them to the members area header("Location: members_area.php"); } } } else { // if they are not logged in ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table width="316" height="120" border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="upassword" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php } ?> Quote Link to comment https://forums.phpfreaks.com/topic/259557-need-help-re-arranging-my-script/#findComment-1330500 Share on other sites More sharing options...
andy_b_1502 Posted March 23, 2012 Author Share Posted March 23, 2012 New topic started! Quote Link to comment https://forums.phpfreaks.com/topic/259557-need-help-re-arranging-my-script/#findComment-1330503 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.