[SOLVED] Warning Headers already sent... can't figure out where it's coming from.

[advancedfuture]

when I am in my inbox and select mail to delete and hit the delete button I get the following error.

 

"Warning: Cannot modify header information - headers already sent by (output started at C:\wamp\www\mail.php:91) in C:\wamp\www\mail.php on line 112"

 

Now I don't know why I am getting this error as when I compose a message and click send I don't get header information error... although it is performing the same function on the same page.... I checked for whitespace after the PHP close tag and there is none....

 

 

mail.php

<?php
$_GET['action'];

//if user is accessing the page directly without a switch send them to the inbox.
if($_GET['action'] == NULL)
{
$_GET['action'] = 'inbox';
}

switch($_GET['action'])
{
//BEGIN THE CASE TO COMPOSE A MESSAGE TO A USER
case "compose":

	echo "<form id=\"form1\" name=\"form1\" method=\"post\" action=\"\">";
	echo 'To: <br /><input type="text" name="rcpt" cols="40"/><br />';
	echo "Subject: <br /><input type=\"text\" name=\"mailSubject\" cols=\"40\" value=\"\"/><br />";
	echo "Message: <br /><textarea name=\"message\" cols=\"40\" rows=\"4\"></textarea><br />";
	echo '<input type="submit" name="send" value="Send" />';
	echo "</form>";

	if($_POST['send'])
	{
		//Get the form data
		$rcpt = $_POST['rcpt'];
		$message = addslashes($_POST['message']);
		$mailSubject = addslashes($_POST['mailSubject']);

		//check the DB to see if rcpt exists.
		$query = "SELECT * FROM users WHERE username = '$rcpt'";
		$results = mysql_query($query);
		$num = mysql_num_rows($results);

		//if user is found to exist
		if($num > 0)
		{
			//Send the message	
			$query = "INSERT INTO mail (rcpt, mailFrom, mailSubject, message, opened, timeOpened, timeSent) VALUES 		('$rcpt','$username','$mailSubject','$message','n','','".date(DATE_RFC850)."')";
			$results = mysql_query($query);

			//if message successfully sent.
			if($results)
			{
				echo "<center><strong>Message Sent Successfully! Returning to Inbox!</strong></center>";
				header( "Refresh: 1; mailcenter.php?action=inbox" );
			}
			//if message send fails.
			else
			{
				echo "<center><strong>Message Failure! Please Try Again!</strong></center>";
				header( "Refresh: 1; mailcenter.php?action=inbox" );
			}
		}
		else
		{
			echo "Recipient does not exist!";
			header( "Location: mailcenter.php?action=compose" );
		}
	}
	break;

//BEGIN CASE TO SHOW THE USER INBOX.
case "inbox":

	$query = "SELECT mailFrom, mailSubject,msgid,timeSent  FROM mail WHERE rcpt = '$username'";
	$results = mysql_query($query);
	$num = mysql_num_rows($results);

	echo "<form id=\"form1\" name=\"form1\" method=\"post\" action=\"mailcenter.php?action=inbox\">";
	echo '<table align="left" width="95%" border="0">';		

	if($num == 0)
	{
		echo "<center><strong>Sorry! You have no mail </strong></center>";
	}

	else
	{
		//ECHO HEADING FOR MAIL TABLE
		echo '<tr><td bgcolor="#0066FF"><input type="checkbox" id="all" name="all" value=""></td>';
		echo '<td bgcolor="#0066FF"><strong>From:</strong></td>';
		echo '<td bgcolor="#0066FF"><strong>Subject:</strong></td>';
		echo '<td bgcolor="#0066FF"><strong>Date:</strong></td>';
		echo '<td bgcolor="#0066FF"><strong>Reply:</strong></td></tr>';

		//BEGIN LOOP TO OUTPUT MAIL INBOX FOR USER
		while($rec=mysql_fetch_array($results))
		{
		    echo "<tr><td><input type=\"checkbox\" id=\"".$rec['msgid']."\" name=\"".$rec['msgid']."\" value=\"".$rec['msgid']."\"></td>";
		    echo "<td><a href =\"index.php?username=".$rec['mailFrom']."\">".$rec['mailFrom']."</a></td>";
//THIS IS LINE 91			    echo "<td><a href=\"\">".$rec['mailSubject']."</a></td>";
		    echo "<td>".$rec['timeSent']."</td>";
		    echo "<td><a border=\"0\" href=\"mailcenter.php?action=reply&messageid=".$rec['msgid']."&my_token=".$token."&user=".$username."\"><img src=\"images/reply.jpeg\"></a></td></tr>";
		}

		echo '</table>';
		echo '<input type="submit" name="delete" id="delete" value="Delete Checked" />';
		echo '</form>';


		// Check if delete button active, start this
		if($_POST['delete'])
		{
			foreach($_POST as $msgid)
			{
			$query = "DELETE FROM mail WHERE msgid='$msgid' LIMIT 1";
			$results = mysql_query($query);
			}

			if($results)
			{
//LINE 112				header( "Refresh: 1; mailcenter.php?action=inbox" );
			}
		}
	}
	mysql_close();
	break;

case "reply":

	//Get the username / token / msg ID from the reply button on the message.
	$_GET['user'];
	$_GET['my_token'];
	$msgid = $_GET['messageid'];

	//MAKE SURE THAT ONLY THE CORRECT USER CAN REPLY TO AND SEE THE MESSAGE
	$query = "SELECT * FROM mail WHERE rcpt='$username' and msgid='$msgid'";
	$results = mysql_query($query);
	$num = mysql_num_rows($results);

	if($num != 0) //$username == $_GET['user'] && $token == $_GET['my_token'] && 
	{
		//Retrieve the message from the database so that we can
		//see what we are replying to!

		$query = "SELECT message, mailSubject, mailFrom FROM mail WHERE msgid = '$msgid'";
		$results = mysql_query($query);

		while($row=mysql_fetch_array($results))
		{
			$msg = $row['message'];
			$subj = $row['mailSubject'];
			$mailFrom = $row['mailFrom'];
		}

		//HTML output box so we can see the message and reply.
		echo "<center>";
		echo "<form action=\"mailcenter.php?action=reply\" method=\"post\" enctype=\"multipart/form-data\" name=\"replyMessage\"      id=\"replyMessage\">";
		echo "<input type=\"hidden\" name=\"mailFrom\" value=\"".$mailFrom."\">";
		echo "<strong>Subject:</strong><br /><textarea name=\"mailSubject\" cols=\"40\" rows=\"1\" value=\"\">RE: ".$subj."</textarea><br />";
		echo "<strong>Message:</strong><br /><textarea name=\"message\" cols=\"40\" rows=\"4\" value=\"\">".$msg."</textarea><br />";
		echo '<input type="submit" name="replySubmit" id="replySubmit" value="Reply" />';
		echo "</form></center>";


	//If the Reply button is hit execute this code
	//********************************************
	if($_POST['replySubmit'])
	{
		$mailFrom = $_POST['mailFrom'];
		$message = addslashes($_POST['message']);
		$mailSubject = addslashes($_POST['mailSubject']);

		//Send the reply message	
		$query = "INSERT INTO mail (rcpt, mailFrom, mailSubject, message, opened, timeOpened, timeSent) VALUES ('$mailFrom','$username','$mailSubject','$message','n','','".date(DATE_RFC850)."')";
		$results = mysql_query($query);

		//IF MESSAGE SUCCESSFULLY SENT
		if($results)
		{
			echo "Thank you, your response has been sent! <br />";
			header ( "Refresh: 3; mailcenter.php?action=inbox" );
		}

		//ANY OTHER REASON REDIRECT TO MESSAGE TO TRY AGAIN
		else
		{
			echo "Sorry Message Reply Failed <br />";
			header( "Refresh: 0; ".$_SERVER['REQUEST_URI']."" );
		}
	}
}

//EXECUTE THIS CODE IF THE USER IS TRYING TO ACCESS A DIFFERENT MESSAGE ID. THAT THEY SHOULD SEE.
else
{
	echo "<center><strong>Sorry! You're not a l33t h4x0r! Pwn3d!!</strong></center><br />";
	echo "<center><strong>Did you really think we would let you look at other peoples mail?</strong></center><br />";
	header( "Refresh: 2	; mailcenter.php?action=inbox" );
}	
	break;
}
?>

[BenInBlack]

you need to use output buffering

 

start here

http://us.php.net/manual/en/function.ob-start.php

 

[revraz]

Well it appears line 91's output is making it to the screen before the header.

 

when I am in my inbox and select mail to delete and hit the delete button I get the following error.

 

"Warning: Cannot modify header information - headers already sent by (output started at C:\wamp\www\mail.php:91) in C:\wamp\www\mail.php on line 112"

 

Now I don't know why I am getting this error as when I compose a message and click send I don't get header information error... although it is performing the same function on the same page.... I checked for whitespace after the PHP close tag and there is none....