Jump to content

Recommended Posts

I have built a basic CMS for a client's site which works completely, with no errors on WAMPServer PHP 5.3.13 however when I upload it to my live server (PHP 5.3.8) I get the following errors in my "logincheck" file which checks is a user is logged in or not.

 

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/{myusername}/public_html/{sitename}/cms/home.php:10) in /home/{myusername}/public_html/{sitename}/cms/logincheck.php on line 2

 

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/{myusername}/public_html/{sitename}/cms/home.php:10) in /home/{myusername}/public_html/{sitename}/cms/logincheck.php on line 2

 

Warning: Cannot modify header information - headers already sent by (output started at /home/{myusername}/public_html/{sitename}/cms/home.php:10) in /home/{myusername}/public_html/{sitename}/cms/logincheck.php on line 4

 

Here is the code for the logincheck.php file:

 

<?php

session_start();

if (!isset( $_SESSION['myusername'] ) ){

header('location:index.php');

}

else{

 

  echo "<div class='phpecho'>". $_SESSION['myusername'] . " " . "successfully logged in :: <a href='logout.php'> log out </a><>";

 

}

?>

 

Index.php is my login screen

 

And {myusername}, {sitename} are replacements for the correct values in code in light of client privacy.

 

This is the code for my login form's "action".

 

<?php

 

session_start();

 

include('../../../connectdb.php');

 

// Define $myusername and $mypassword

$myusername=$_POST['myusername'];

$mypassword=$_POST['mypassword'];

 

// To protect MySQL injection

$myusername = stripslashes($myusername);

$mypassword = stripslashes($mypassword);

$myusername = mysql_real_escape_string($myusername);

$mypassword = mysql_real_escape_string($mypassword);

$encryptedmypassword = md5($mypassword);

 

$sql="SELECT * FROM users WHERE Username='$myusername' and Password='$encryptedmypassword'";

$result=mysql_query($sql);

 

// Mysql_num_row is counting table row

$count=mysql_num_rows($result);

 

// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){

 

// Register $myusername, $mypassword

$_SESSION['myusername']=$myusername;

$_SESSION['mypassword']=$encryptedmypassword;

header("location:welcome.php");

}

else {

header("location:loginfailed.php");

}

 

?>

 

Please could someone help, Alex :)

Link to comment
https://forums.phpfreaks.com/topic/266189-php-session-error/
Share on other sites

Well, step 1 of figuring out what's wrong with yours is reading the error:

 

 

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/{myusername}/public_html/{sitename}/cms/home.php:10) in /home/{myusername}/public_html/{sitename}/cms/logincheck.php on line 2

 

 

Cannot send header information.

 

Why not?

 

The headers are already sent.

 

Why were the headers sent?

 

output started at /home/{myusername}/public_html/{sitename}/cms/home.php:10

 

Find that file, find that line, stop outputting.

 

Also, don't run stripslashes on anything, it's deprecated.  if your web host requires it, get a new web host which is less than 10 years out of date.  You also do not need mysql_real_escape_string on values you'll be running through md5(), and even if you did, you would run it AFTER md5(), not before (but don't run it at all since md5 strings cannot contain sql injection)

Link to comment
https://forums.phpfreaks.com/topic/266189-php-session-error/#findComment-1364095
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.