Error with website Auth protector?

[winmastergames]

I found a website script called Max's Site Protector its great so far but it keeps coming up with this error (warning)

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\WAC-BETA\page-6.php:1) in C:\xampp\htdocs\WAC-BETA\protect-class.php on line 65

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\xampp\htdocs\WAC-BETA\page-6.php:1) in C:\xampp\htdocs\WAC-BETA\protect-class.php on line 65

 

Heres the script:

<?php
/*************************************************
* WAC(WinAdministrationCenter Auth script POWERED BY Max's Site Protector
*
* Version: 1.0
* Date: 2007-11-27
*
****************************************************/
class maxProtector{
var $password = 'password'; //ENTER PASSWORD HERE

    function showLoginForm(){
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Please login to access this feature</title>
Can someone help? Please?
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <link href="style/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
       <div id="container">
            <div id="header"><div id="header_left"></div>
            <div id="header_main">Please login to access this feature</div><div id="header_right"></div></div>
            <div id="content">
                <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
                     <center>
                         <label>Password:
                             <input name="passwd" type="password" size="20" />
                         </label><br/>
                         <label>
                             <input type="submit" name="submitBtn" class="sbtn" value="Login" />
                         </label>
                     </center>
                 </form>
             </div>
             <div id="footer"><a href="http://www.phpf1.com" target="_blank">Powered by Max's Site Protector</a></div>
         </div>
</body>		 
<?php
    }

    function login(){
	$loggedin = isset($_SESSION['loggedin']) ? $_SESSION['loggedin'] : false;
        if ( (!isset($_POST['submitBtn'])) && (!($loggedin))){
            $_SESSION['loggedin'] = false;
		   $this->showLoginForm();
		   exit();
        } else if (isset($_POST['submitBtn'])) {
		   $pass = isset($_POST['passwd']) ? $_POST['passwd'] : '';
      
		   if ($pass != $this->password) {
			   $_SESSION['loggedin'] = false;
			   $this->showLoginForm();
			   exit();     
		   } else {
			   $_SESSION['loggedin'] = true;
		   }
        }

    }
}

// Auto create
session_start();
$protector = new maxProtector();
$protector->login();
?>

 

[sKunKbad]

it has that error message because session_start(); is being called after output to the browser.

[winmastergames]

So how will i fix it?

[sKunKbad]

move

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Please login to access this feature</title>
Can someone help? Please?
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <link href="style/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
       <div id="container">
            <div id="header"><div id="header_left"></div>
            <div id="header_main">Please login to access this feature</div><div id="header_right"></div></div>
            <div id="content">
                <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
                     <center>
                         <label>Password:
                             <input name="passwd" type="password" size="20" />
                         </label><br/>
                         <label>
                             <input type="submit" name="submitBtn" class="sbtn" value="Login" />
                         </label>
                     </center>
                 </form>
             </div>
             <div id="footer"><a href="http://www.phpf1.com" target="_blank">Powered by Max's Site Protector</a></div>
         </div>
</body>
[code]
below the php at the bottom of what you showed me and see if it works.

[/code]

[winmastergames]

Well i tried that and now its a blank screen with just the following error last time it showed the script and the error above it

 

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\WAC-BETA\index.php:1) in C:\xampp\htdocs\WAC-BETA\protect-class.php on line 39

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\xampp\htdocs\WAC-BETA\index.php:1) in C:\xampp\htdocs\WAC-BETA\protect-class.php on line 39

[sKunKbad]

I downloaded the script and took a look at what you are dealing with. You need to show the code for the page you are trying to protect. At the very top of that page you would have the include:

 

<?php require_once("maxProtector.class.php"); ?>

 

Line 39 of your protect-class.php script is what is causing the problem. Can you post more of the code you are dealing with? BTW...if you are on a server with apache installed, you can do this much easier by using .htaccess / .htpasswd files. The .htaccess / .htpasswd asks for user name and password, and the password is stored in encrypted form, where in this script you are using the password is a plain string.