[SOLVED] wired errors when including <?php include("login.php"); ?>

[runnerjp]

hey guys... my login script works on its own but when i added <?php include("login.php"); ?> to my main page and try to log on i get

 

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/runningp/public_html/index.php:6) in /home/runningp/public_html/functions.php on line 160

 

Warning: Cannot modify header information - headers already sent by (output started at /home/runningp/public_html/index.php:6) in /home/runningp/public_html/login.php on line 16

 

added below are areas that it is pointing to

 

the login.php

<?php
require_once ( 'settings.php' );

if ( array_key_exists ( '_submit_check', $_POST ) )
{
	if ( $_POST['username'] != '' && $_POST['password'] != '' )
	{
		$query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );

		if ( $db->RecordCount ( $query ) == 1 )
		{
			$row = $db->getRow ( $query );
			if ( $row->Active == 1 )
			{
				set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
				header ( "Location: " . REDIRECT_AFTER_LOGIN );
			}
			elseif ( $row->Active == 0 ) {
				$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
			}
			elseif ( $row->Active == 2 ) {
				$error = 'You are suspended!';
			}
		}
		else {		
			$error = 'Login failed!';		
		}
	}
	else {
		$error = 'Please use both your username and password to access your account';
	}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<link href="css/styles.css" rel="stylesheet" type="text/css" />

</head>

<body>

<div id="log">
<?php if ( isset( $error ) ) { echo '			<p class="error">' . $error . '</p>' . "\n";}?>
</div>
<div id="container" style="width:230px;">

	<form class="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">

		<input type="hidden" name="_submit_check" value="1"/> 

		<div style="margin-top:12px; margin-bottom:10px">
			<img src="images/username.gif" alt="username" border="0" />
			<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
		</div>
		<div style="margin-bottom:6px">
			<img src="images/password.gif" alt="password" border="0" />
			<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
		</div>
		<?php if ( ALLOW_REMEMBER_ME ):?>
		<div style="margin-bottom:6px">
			<input type="checkbox" name="remember" id="remember" />
			<label for="remember">Remember me</label>
		</div>
		<?php endif;?>
		<input type="image" name="Login" value="Login"  class="submit-btn" src="images/btn.gif" alt="submit" title="submit" />
		<br class="clear" />
		<a href="register.php">Register</a> / <a href="forgot_password.php">Password recovery?</a>

	</form>



	<?=powered_by ()?>

</div>

</body>

</html>

 

and process part is

 

function set_login_sessions ( $user_id, $password, $remember )
{
	//start the session
	session_start();

	//set the sessions
	$_SESSION['user_id'] = $user_id;
	$_SESSION['logged_in'] = TRUE;

	//do we have "remember me"?
	if ( $remember ) {
		setcookie ( "cookie_id", $user_id, time() + KEEP_LOGGED_IN_FOR, COOKIE_PATH );
		setcookie ( "authenticate", md5 ( getIP () . $password . $_SERVER['USER_AGENT'] ), time() + KEEP_LOGGED_IN_FOR, COOKIE_PATH );
	}
}

 

line 160 is basicly session_start();

 

but i dont get it as the login script works without the include....am i making a school boy error

[revraz]

Remove the session_start(); from the function and put it at the top of every page instead.

[cooldude832]

more generically,

 

Sessions become part of the header data of the page (not an html head, but a http header)

If you output anything pre saying session_start(); you will result in an error because you are trying to mod something post it being made.

 

read the sticky.

[runnerjp]

i still have the error with

Cannot modify header information - headers already sent by (output started at /home/runningp/public_html/index.php:7) in /home/runningp/public_html/login.php on line 16

 

so basicly im starting the session after its been sent for the 1st error

 

[runnerjp]

is this cos im trying to send it to a page 2wise?

[revraz]

You only want to start a session once per page.

[runnerjp]

yes i get it now after all you can only start something 1ns as its allready started lol

 

whats wrong with the headers :S as if i take it out its directed to know where

[runnerjp]

this is index.php

<table width="200" border="1">
  <tr>
    <td>hello</td>
  </tr>
  <tr>
    <td><?php include("login.php"); ?></td>
  </tr>
</table>

 

is it cos i have added it into it like this because this is only way i think the problem is occuring

[PFMaBiSmAd]

Please read the error -

output started at /home/runningp/public_html/index.php:7

 

index.php, line 7 is outputting content to the browser that was preventing the session_start() and is preventing the header() redirect from working. Your page cannot output content to the browser and then do anything that needs to output a header. Correct the code so that nothing is output before the headers.

 

Look at it this way - if you are outputting content to the browser on a page that can redirect to another page, before you make the decision to redirect, you are wasting processing time and bandwidth every time that page is visited. Do any logic to figure out what the page will be doing first, then output only the content that is appropriate on that page.

[runnerjp]

so i dont get it lol sorry what are the heards do i have to put redirect somewhere else :S

[revraz]

http://www.phpfreaks.com/forums/index.php/topic,37442.0.html

[runnerjp]

aghh wat a complete idot i must seem ... i really dont get what header ( "Location: " . REDIRECT_AFTER_LOGIN ); has to do with <?php include("login.php"); ?>

 

btw i did look at the link revraz lol and it confused me a little

[revraz]

I really can't explain it better than PFMaBiSmAd already did.

[runnerjp]

ahh ok so all i gotta do is select data base ect so like this...

 

<?php
require_once ( 'settings.php' );

if ( array_key_exists ( '_submit_check', $_POST ) )
{
	if ( $_POST['username'] != '' && $_POST['password'] != '' )
	{
		$query = 'SELECT ID, Username, Active, Password FROM ' . DBPREFIX . 'users WHERE Username = ' . $db->qstr ( $_POST['username'] ) . ' AND Password = ' . $db->qstr ( md5 ( $_POST['password'] ) );

		if ( $db->RecordCount ( $query ) == 1 )
		{
			$row = $db->getRow ( $query );
			if ( $row->Active == 1 )
			{
				set_login_sessions ( $row->ID, $row->Password, ( $_POST['remember'] ) ? TRUE : FALSE );
				header ( "Location: " . REDIRECT_AFTER_LOGIN );
			}
			elseif ( $row->Active == 0 ) {
				$error = 'Your membership was not activated. Please open the email that we sent and click on the activation link.';
			}
			elseif ( $row->Active == 2 ) {
				$error = 'You are suspended!';
			}
		}
		else {		
			$error = 'Login failed!';		
		}
	}
	else {
		$error = 'Please use both your username and password to access your account';
	}
}
?><?php session_start(); ?><table width="200" border="1">
  <tr>
    <td>hello</td>
  </tr>
  <tr>
    <td><?php include("login.php"); ?></td>
  </tr>
</table> 

[revraz]

session_start(); has to be the first line of code.

[runnerjp]

but howcomes when i did this it worked lol