Solved

Getting error message saying headers already sent.

Posted on 2008-06-12
16
160 Views
Last Modified: 2009-12-16
I am receiving an error message saying that the headers have already been sent, but not sure why.  The error message is:

Warning: Cannot modify header information - headers already sent by (login.php)

if($_POST['Submit']) {

	$grabUser = mysql_query("SELECT strUsername, strPassword, strValid from login");

		if($user = mysql_fetch_assoc($grabUser)) {

			$username = $user['strUsername'];

			$password = md5($user['strPassword']);

		}

			

		if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {

			header("location:/index.php");

			exit();

		}

}

Open in new window

0
Comment
Question by:pingeyeg
  • 6
  • 5
  • 4
  • +1
16 Comments
 
LVL 17

Expert Comment

by:nplib
ID: 21771126
that means there's output before header is fired.
0
 
LVL 82

Expert Comment

by:hielo
ID: 21771138
The problem is caused/triggered by this:
header("location:/index.php");

You have already sent data to the browser, hence the warning. Put this at the top of your page:
<?php
ob_start();
0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771169
hielo,

Now the page just refreshes upon login.

nplib,

I moved my constants file below the code that fired the header so now that stopped, but the code is not taking me to the index.php page.
0
 
LVL 17

Expert Comment

by:nplib
ID: 21771182
can you post all your code.
0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771281

<?php
 

/* Check to see if the user is authenticated and then connect to the database to grab user's information and send him on his/her way.

*/
 

session_start();
 

include("includes/db.php"); // $conn
 

// Once submit button has been pressed, call the getUser function to validate the user.  If user has been validated then they are granted access to the main section.  If not, they are sent back to the login page to register.
 

if($_POST['Submit']) {

	$grabUser = mysql_query("SELECT strUsername, strPassword, strValid from login");

		if($user = mysql_fetch_assoc($grabUser)) {

			$username = $user['strUsername'];

			$password = md5($user['strPassword']);

		}
 

		if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {

			header("location:/index.php");

			exit();

		} elseif(isset($username) !== $_POST['strUsername'] && isset($password) !== md5($_POST['strPassword'])) {

			echo $result;

		}

}
 

// Call the constant files

include("includes/constants.php");
 

?>
 

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />

<title><?= TITLE ?></title>

<link type="text/css" href="/styles/login.css" rel="stylesheet">

</head>

<body>

<table width="100%" class="layout" cellspacing="0" cellpadding="0">

<tr><td valign="middle" align="center">

<div class="start">

<div class="message_login">

<?= LOGIN_CONTENT ?>

<div style="margin-top: 5px">

	<?= $result ?>

</div>

</div>

<div class="login_start">

 <form action="<?= $_SERVER['PHP_SELF'] ?>" method="post">

 <span class="title">Username:</span><br/>

 <input type="text" name="strUsername" size="20" maxlength="20">

 <div style="margin-top: 10px">

 <span class="title">Password:</span></br>

 <input type="password" name="strPassword" size="20" maxlength="20">

 </div>

 <div style="margin-top: 10px">

 <input type="image" name="Submit" value="1" src="/images/enterbtn.png" alt="Enter Site">

 </div>

 <div class="links" style="margin-top: 10px">

 <a href="/register.php">Register Me</a> | <a href="/forgot.php">Forgot Password</a> </div>

 </form>

</div>

</div>

</td></tr>

</table>

</body>

</html>

Open in new window

0
 
LVL 17

Expert Comment

by:nplib
ID: 21771321
at the top add print_r($_POST);

see if your image submit but is submitting it's value.

When I tried something similar to that long time ago, it would only work in FF and not IE or visa versa,
0
 
LVL 17

Expert Comment

by:nplib
ID: 21771345
Also, I've found sometimes using the name "Submit" to cause problems so try using a different name like
submit_action or bob or whatever
0
 
LVL 17

Assisted Solution

by:nplib
nplib earned 50 total points
ID: 21771364
Lastly the simplest solution is to add a hidden field and check for that instead
<?php

 

/* Check to see if the user is authenticated and then connect to the database to grab user's information and send him on his/her way.

*/

 

session_start();

 

include("includes/db.php"); // $conn

 

// Once submit button has been pressed, call the getUser function to validate the user.  If user has been validated then they are granted access to the main section.  If not, they are sent back to the login page to register.

 

if($_POST['submit_action']) {

        $grabUser = mysql_query("SELECT strUsername, strPassword, strValid from login");

                if($user = mysql_fetch_assoc($grabUser)) {

                        $username = $user['strUsername'];

                        $password = md5($user['strPassword']);

                }

 

                if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {

                        header("location:/index.php");

                        exit();

                } elseif(isset($username) !== $_POST['strUsername'] && isset($password) !== md5($_POST['strPassword'])) {

                        echo $result;

                }

}

 

// Call the constant files

include("includes/constants.php");

 

?>

 

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />

<title><?= TITLE ?></title>

<link type="text/css" href="/styles/login.css" rel="stylesheet">

</head>

<body>

<table width="100%" class="layout" cellspacing="0" cellpadding="0">

<tr><td valign="middle" align="center">

<div class="start">

<div class="message_login">

<?= LOGIN_CONTENT ?>

<div style="margin-top: 5px">

        <?= $result ?>

</div>

</div>

<div class="login_start">

 <form action="<?= $_SERVER['PHP_SELF'] ?>" method="post">

 <span class="title">Username:</span><br/>

 <input type="text" name="strUsername" size="20" maxlength="20">

 <div style="margin-top: 10px">

 <span class="title">Password:</span></br>

 <input type="password" name="strPassword" size="20" maxlength="20">

 </div>

 <div style="margin-top: 10px">

 <input type="image" src="/images/enterbtn.png" alt="Enter Site">

 <input type="hidden" name="submit_action" value="true" />

 </div>

 <div class="links" style="margin-top: 10px">

 <a href="/register.php">Register Me</a> | <a href="/forgot.php">Forgot Password</a> </div>

 </form>

</div>

</div>

</td></tr>

</table>

</body>

</html>

Open in new window

0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 1

Author Comment

by:pingeyeg
ID: 21771645
Well right now I am not getting any error messages, the image button is being sent to the page correctly, but I am not being sent to the next page either.
0
 
LVL 4

Accepted Solution

by:
afzz earned 200 total points
ID: 21771684
try the following code
if($_POST['submit_action']) {

        $grabUser = mysql_query("SELECT strUsername, strPassword, strValid from login where strUsername='".$_POST['strUsername']."'");

if(mysql_num_rows($grabUser) > 0){

                if($user = mysql_fetch_assoc($grabUser)) {

                        $username = $user['strUsername'];

                        $password = md5($user['strPassword']);

                }

 }

                if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {

                        header("location:/index.php");

                        exit();

                } elseif(isset($username) !== $_POST['strUsername'] && isset($password) !== md5($_POST['strPassword'])) {

                        echo $result;

                }

}

Open in new window

0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771736
Apparently the portion that is hurting me right now is this (when I have it commented out the page is sent correctly, but when it isn't commented out the page just refreshes to the login screen):
function checkAuth() {

	if(!isset($_SESSION["strUsername"])) {

	        header("Location: /login.php");

	        exit();

	}

	 

	if(!isset($_SESSION['session_count'])) {

	        $_SESSION['session_count']=0;

	        $_SESSION['session_start']=time();

	} else {

	        ++$_SESSION['session_count'];

	} 

	 

	$session_timeout = 300;

	if (time() - $_SESSION['session_start'] > $session_timeout) {

	        header("Location: /logout.php");

	        exit();

	}

	

	$_SESSION['session_start'] = time();

}
 

checkAuth();

Open in new window

0
 
LVL 4

Assisted Solution

by:afzz
afzz earned 200 total points
ID: 21771788
change the code here to the following
if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {

$_SESSION["strUsername"]=$username;

                        header("location:/index.php");

                        exit();

Open in new window

0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771835
Why did adding $_SESSION['strUsername']=$username; make any difference if the page that has that function doesn't use the variable $username?  I'm confused.
0
 
LVL 4

Expert Comment

by:afzz
ID: 21771894
You are authenticating the user against the database here and setting that variable
if($user = mysql_fetch_assoc($grabUser)) {
                        $username = $user['strUsername'];
                        $password = md5($user['strPassword']);
                }

once that is done and you validate his password here
if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {

you set his user name in the session variable here and forward him to the index.php page
$_SESSION["strUsername"]=$username;
                        header("location:/index.php");
                        exit();
0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771933
I guess what I am confused about is the fact that you converted the session value into a variable.  Since the function I have doesn't have that variable in the code, I wasn't understanding why you did that.  Obviously I am missing something, but I'm learning every day.
0
 
LVL 4

Expert Comment

by:afzz
ID: 21771986
your code has to set the session variable somewhere so that you can check for that variable on another page. Here you have to set the user name into the session variable so you can check for that variable on another page to see whether the current user whos is accessing that page has the session value set and whether his session has not timed out.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Popularity Can Be Measured Sometimes we deal with questions of popularity, and we need a way to collect opinions from our clients.  This article shows a simple teaching example of how we might elect a favorite color by letting our clients vote for …
Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this.Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it is …
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now