blueman378 Posted March 12, 2008 Share Posted March 12, 2008 hi guys well heres the suspect code: <?php include("webspirited/functions.php"); $fin = date("Y-m-d"); $fname = strip($_POST["firstname"]); $fname = ereg_replace("[^A-Za-z ]", "", $fname); $lname = strip($_POST["lastname"]); $lname = ereg_replace("[^A-Za-z ]", "", $lname); $username = "{$fname}.{$lname}"; $username = ereg_replace("[^A-Za-z.]", "", $username); $username = strtolower($username); $userlevel = strip($_POST["userlevel"]); if ($_SESSION['level'] < "3") { $userlevel=1; } $activation = strip($_POST['activation']); if ($_SESSION['level'] < "3") { $activation=0; } $email = strip($_POST["email"]); $number = ereg_replace("[^0-9]", "", $_POST["phone"]); $title = strip($_POST["title"]); $descr = strip($_POST["description"]); $priority = strip($_POST["urgency"]); $password = strip_encode($_POST['password']); $password2 = strip_encode($_POST['password2']); $month = ereg_replace("[^0-9]", "", $_POST["month"]); $day = ereg_replace("[^0-9]", "", $_POST["day"]); $year = ereg_replace("[^0-9]", "", $_POST["year"]); $finish = "{$year}-{$month}-{$day}"; $start = date("Y-m-d"); ?> <div class="moduleleftheader">New Project</div> <div class="form"> <form name="register" method="POST" action="?edit=newproject"> <table> <tr> <td> <label for=firstname>First Name:</label> </td> <td> <input name="firstname" id="firstname" type="text" size="37" maxlength="15"><br> </td> </tr> <tr> <td> <label for=lastname>Last Name:</label> </td> <td> <input name="lastname" id="lastname" type="text" size="37" maxlength="15"><br> </td> </tr> <tr> <td> <label for=email>Email Address:</label> </td> <td> <input name="email" id="email" type="text" size="37" maxlength="35"><br> </td> </tr> <tr> <td> <label for=phone>Phone Number:</label> </td> <td> <input name="phone" id="phone" type="text" size="37" maxlength="10"><br> </td> </tr> <tr> <td> </td> </tr> <tr> <td> <label for=title>Site Title:</label> </td> <td> <input name="title" id="title" type="text" size="37" maxlength="50"> </td> </tr> <tr> <td> <label for=description>Description:</label> </td> <td> <textarea name="description" id="description" cols="34" rows="4" onkeydown="limitText(this.form.description,this.form.countdown,200);" onkeyup="limitText(this.form.description,this.form.countdown,200);"></textarea><br /> You have <input type="text" name="countdown" size="1" value="200" readonly="readonly"> characters left.</font> </td> </tr> <tr> <td> <label for=year>Finish Date:</label> </td> <td> <select name="day"> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> <option value="4">4</option> <option value="5">5</option> <option value="6">6</option> <option value="7">7</option> <option value="8">8</option> <option value="9">9</option> <option value="10">10</option> <option value="11">11</option> <option value="12">12</option> <option value="13">13</option> <option value="14">14</option> <option value="15">15</option> <option value="16">16</option> <option value="17">17</option> <option value="18">18</option> <option value="19">19</option> <option value="20">20</option> <option value="21">21</option> <option value="23">23</option> <option value="25">25</option> <option value="26">26</option> <option value="27">27</option> <option value="28">28</option> <option value="29">29</option> <option value="30">30</option> <option value="31">31</option> </select> <select name="month"> <option value="1">Jan</option> <option value="2">Feb</option> <option value="3">Mar</option> <option value="4">Apr</option> <option value="5">May</option> <option value="6">Jun</option> <option value="7">Jul</option> <option value="8">Aug</option> <option value="9">Sep</option> <option value="10">Oct</option> <option value="11">Nov</option> <option value="12">Dec</option> </select> <select name="year" id="year"> <option value="<? echo date('Y'); ?>" selected="selected"><? echo date('Y'); ?></option> <option value="<? echo date('Y')+1; ?>"><? echo date('Y')+1; ?></option> <option value="<? echo date('Y')+2; ?>"><? echo date('Y')+2; ?></option> <option value="<? echo date('Y')+3; ?>"><? echo date('Y')+3; ?></option> <option value="<? echo date('Y')+4; ?>"><? echo date('Y')+4; ?></option> </select> </td> </tr> <tr> <td> <label for=urgency>Priority:</label> </td> <td> <select name="urgency" id="urgency"> <option value="3">High</option> <option value="2" selected="selected">Medium</option> <option value="1">Low</option> </select> </td> </tr> <tr> <td> <label for=extra>Extra Info:</label> </td> <td> <textarea name="extra" id="extra" cols="34" rows="4" onkeydown="limitText(this.form.extra,this.form.countdown1,200);" onkeyup="limitText(this.form.extra,this.form.countdown1,200);"></textarea><br /> You have <input type="text" name="countdown1" size="1" value="200" readonly="readonly"> characters left.</font> </td> </tr> <tr> <td> </td> </tr> <tr> <td> <label for="userlevel">User Level:</label> </td> <td> <select name="userlevel" id="userlevel"> <option value="1">Viewer</option> <option value="2" selected="selected">Client</option> <option value="3">Admin</option> </select> </td> </tr> <tr> <td> <label for="activation">Activation:</label> </td> <td> <select name="activation" id="activation" style="width:150px;"> <option value="0" <? if ($userlevel=='0') echo "selected=\"selected\""; ?>>Requires Activation</option> <option value="1" <? if ($userlevel=='1') echo "selected=\"selected\""; ?>>Activated</option> </select> </td> </tr> <tr> <td> <label for=password>Password:</label> </td> <td> <input name="password" id="password" type="password" size="37" maxlength="25"> </td> </tr> <tr> <td> <label for=password2>Retype Password:</label> </td> <td> <input name="password2" id="password2" type="password" size="37" maxlength="25"> </td> </tr> <tr> <td> </td> <td align="center"> <input type="submit" value="Create Client" class="button"> <input type="reset" value="Reset Form" class="button"> </td> </tr> </table> </form> <?php if (validate_form($email, $_POST['password'], $_POST['password2'], $username, $month, $day, $year)) { echo $errmes; } else { mysql_connect('localhost','root',''); @mysql_select_db("webspirited") or die("Unable to select database"); mysql_query("INSERT INTO users ( `username`, `password`, `email`, `actcode`, `id`, `userlevel`, `timestamp`, `disabled`, `activated` ) VALUES ( '$username', '$password', '$email', '', '', '$userlevel', '', '', '$activation' ) ") or die("Your have an error in users because:<br />" . mysql_error()); mysql_query("INSERT INTO projects ( `Title`, `Description`, `finish`, `Priority`, `extra`, `start`, `id` ) VALUES ( '$title', '$descr', '$finish', '$priority', '$extra', '$start', '' ) ") or die("Your have an error in projects because:<br />" . mysql_error()); mysql_query("INSERT INTO contact ( `Fname`, `Lname`, `Phone`, `Email`, `id` ) VALUES ( '$fname', '$lname', '$number', '$email', '' ) ") or die("Your have an error in contacts because:<br />" . mysql_error()); mysql_close(); header("Location: webspirited/admin/toolsuccess.php?edit=newproject"); } ?> <p> <br> <a href="index.php">Back to Main Site</a> </p> </div> and heres the error: Warning: Cannot modify header information - headers already sent by (output started at C:\Documents and Settings\Matthew\My Documents\Web\webspirited\admin\newproject.php:165) in C:\Documents and Settings\Matthew\My Documents\Web\webspirited\admin\newproject.php on line 330 and heres line 165: <option value="<? echo date('Y')+1; ?>"><? echo date('Y')+1; ?></option> and heres 330: header("Location: webspirited/admin/toolsuccess.php?edit=newproject"); cheers we have looked and cant find out why Quote Link to comment Share on other sites More sharing options...
dsaba Posted March 12, 2008 Share Posted March 12, 2008 you can't output anything before headers are sent. Apparently you are echoing (outputting) something before you send the headers. Quote Link to comment Share on other sites More sharing options...
conker87 Posted March 12, 2008 Share Posted March 12, 2008 You're outputting html before you send the header. Try just echoing a link instead of putting header() there. Quote Link to comment Share on other sites More sharing options...
haku Posted March 12, 2008 Share Posted March 12, 2008 Move all this: <?php if (validate_form($email, $_POST['password'], $_POST['password2'], $username, $month, $day, $year)) { echo $errmes; } else { mysql_connect('localhost','root',''); @mysql_select_db("webspirited") or die("Unable to select database"); mysql_query("INSERT INTO users ( `username`, `password`, `email`, `actcode`, `id`, `userlevel`, `timestamp`, `disabled`, `activated` ) VALUES ( '$username', '$password', '$email', '', '', '$userlevel', '', '', '$activation' ) ") or die("Your have an error in users because:<br />" . mysql_error()); mysql_query("INSERT INTO projects ( `Title`, `Description`, `finish`, `Priority`, `extra`, `start`, `id` ) VALUES ( '$title', '$descr', '$finish', '$priority', '$extra', '$start', '' ) ") or die("Your have an error in projects because:<br />" . mysql_error()); mysql_query("INSERT INTO contact ( `Fname`, `Lname`, `Phone`, `Email`, `id` ) VALUES ( '$fname', '$lname', '$number', '$email', '' ) ") or die("Your have an error in contacts because:<br />" . mysql_error()); mysql_close(); header("Location: webspirited/admin/toolsuccess.php?edit=newproject"); } ?> To the very top of the script before everything that is already there. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.