headers problem. :(

[IamSuchANoob]

Hey!

I have a problem, I have a PHP script which sends mail from a html form. Weird is, it works great on another host.

 

error:

Warning: Cannot modify header information - headers already sent by (output started at /home/sbsbitum/public_html/process2.php:5) in /home/sbsbitum/public_html/process2.php on line 60

php:

<?php
if(!isset($_POST['submit']))
{
    //This page should not be accessed directly. Need to submit the form.
    echo "error; you need to submit the form!";
}
$name = $_POST['cformname'];
$email = $_POST['cformemail'];
$message = $_POST['cformmessage'];

//Validate first
if(empty($name)||empty($email))
{
    echo "Name and email are mandatory!";
    exit;
}

if(IsInjected($email))
{
    echo "Bad email value!";
    exit;
}

$to  = 'info@test.com';// to email address

// subject
$subject = 'Message from homepage.';

// message
$body = '
<html>
<head>
  <title>Viesti</title>
</head>
<body>
  <img src="">
  <table rules="all" style="border-color: #666;" cellpadding="10">
  <tr style="background:" #eee;><td><strong>Nimi:</strong></td><td>'.$name.'</td></tr>
  <tr><td<strong>Email:</td<strong><td>'.$email.'</td></tr>
  <tr><td<strong>Viesti:</td<strong><td>'.$message.'</td></tr>
  </table>
  </body>
  </html>
 
';


$headers .='MIME-Version: 1.0' . "\r\n";
$headers .='Content-type: text/html; charset=utf-8' . "\r\n";

// Additional headers
$headers .= 'From: sender '.$email.' ' . "\r\n";


// Mail it
mail($to, $subject, $body, $headers);
//done. redirect to thank-you page.
header('Location: lehed/thx.php');


// Function to validate against any email injection attempts
function IsInjected($str)
{
  $injections = array('(\n+)',
              '(\r+)',
              '(\t+)',
              '(%0A+)',
              '(%0D+)',
              '(%08+)',
              '(%09+)'
              );
  $inject = join('|', $injections);
  $inject = "/$inject/i";
  if(preg_match($inject,$str))
    {
    return true;
  }
  else
    {
    return false;
  }
}
function filter($data)
{
    $data = trim(htmlentities(strip_tags($data)));
    if (get_magic_quotes_gpc())
    {
        $data = stripslashes($data);
    }
    
    return $data;
}   
?>

[requinix]

Can't use header() if there's been any output.

 

The error message tells you where the output happened. You have to decide whether that output should be moved (and if so, where to), or whether there's a bug and your code wasn't supposed to header() at all, or something else.

[IamSuchANoob]

Yeah, I try to send the user after sending in the form to the page thx.php (just image). I tried the

 ob_start();

solution but I don't like workarounds. (for example, with ob_start(); the HTML doesn't show up properly for example in RoundCube client).

[Ch0cu3r]

Then use header() before any output. Output is considered to be anything that is being echo/print'd or anything that is outside of the <?php ?> tags.

 

The error tells where output was detected

Warning: Cannot modify header information - headers already sent by (output started at /home/sbsbitum/public_html/process2.php:5) in /home/sbsbitum/public_html/process2.php on line 60

 

In red it tells you the location of the file and line number on which the output started. In blue it tells you the location and line number where you attempted to use header(). So what is the first 5 lines of process2.php?

[IamSuchANoob]

    //This page should not be accessed directly. Need to submit the form.
    echo "error; you need to submit the form!";

[cyberRobot]

Try adding an exit statement after the error message.

//This page should not be accessed directly. Need to submit the form.
echo "error; you need to submit the form!";
exit;

The rest of the script seems to be geared toward processing a form submission. So you don't want that code being executed if the page was accessed directly (without submitting a form).