Solved

Getting error message saying headers already sent.

Posted on 2008-06-12
16
166 Views
Last Modified: 2009-12-16
I am receiving an error message saying that the headers have already been sent, but not sure why.  The error message is:

Warning: Cannot modify header information - headers already sent by (login.php)

if($_POST['Submit']) {
	$grabUser = mysql_query("SELECT strUsername, strPassword, strValid from login");
		if($user = mysql_fetch_assoc($grabUser)) {
			$username = $user['strUsername'];
			$password = md5($user['strPassword']);
		}
			
		if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {
			header("location:/index.php");
			exit();
		}
}

Open in new window

0
Comment
Question by:pingeyeg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 4
  • +1
16 Comments
 
LVL 17

Expert Comment

by:nplib
ID: 21771126
that means there's output before header is fired.
0
 
LVL 82

Expert Comment

by:hielo
ID: 21771138
The problem is caused/triggered by this:
header("location:/index.php");

You have already sent data to the browser, hence the warning. Put this at the top of your page:
<?php
ob_start();
0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771169
hielo,

Now the page just refreshes upon login.

nplib,

I moved my constants file below the code that fired the header so now that stopped, but the code is not taking me to the index.php page.
0
Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

 
LVL 17

Expert Comment

by:nplib
ID: 21771182
can you post all your code.
0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771281

<?php
 
/* Check to see if the user is authenticated and then connect to the database to grab user's information and send him on his/her way.
*/
 
session_start();
 
include("includes/db.php"); // $conn
 
// Once submit button has been pressed, call the getUser function to validate the user.  If user has been validated then they are granted access to the main section.  If not, they are sent back to the login page to register.
 
if($_POST['Submit']) {
	$grabUser = mysql_query("SELECT strUsername, strPassword, strValid from login");
		if($user = mysql_fetch_assoc($grabUser)) {
			$username = $user['strUsername'];
			$password = md5($user['strPassword']);
		}
 
		if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {
			header("location:/index.php");
			exit();
		} elseif(isset($username) !== $_POST['strUsername'] && isset($password) !== md5($_POST['strPassword'])) {
			echo $result;
		}
}
 
// Call the constant files
include("includes/constants.php");
 
?>
 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title><?= TITLE ?></title>
<link type="text/css" href="/styles/login.css" rel="stylesheet">
</head>
<body>
<table width="100%" class="layout" cellspacing="0" cellpadding="0">
<tr><td valign="middle" align="center">
<div class="start">
<div class="message_login">
<?= LOGIN_CONTENT ?>
<div style="margin-top: 5px">
	<?= $result ?>
</div>
</div>
<div class="login_start">
 <form action="<?= $_SERVER['PHP_SELF'] ?>" method="post">
 <span class="title">Username:</span><br/>
 <input type="text" name="strUsername" size="20" maxlength="20">
 <div style="margin-top: 10px">
 <span class="title">Password:</span></br>
 <input type="password" name="strPassword" size="20" maxlength="20">
 </div>
 <div style="margin-top: 10px">
 <input type="image" name="Submit" value="1" src="/images/enterbtn.png" alt="Enter Site">
 </div>
 <div class="links" style="margin-top: 10px">
 <a href="/register.php">Register Me</a> | <a href="/forgot.php">Forgot Password</a> </div>
 </form>
</div>
</div>
</td></tr>
</table>
</body>
</html>

Open in new window

0
 
LVL 17

Expert Comment

by:nplib
ID: 21771321
at the top add print_r($_POST);

see if your image submit but is submitting it's value.

When I tried something similar to that long time ago, it would only work in FF and not IE or visa versa,
0
 
LVL 17

Expert Comment

by:nplib
ID: 21771345
Also, I've found sometimes using the name "Submit" to cause problems so try using a different name like
submit_action or bob or whatever
0
 
LVL 17

Assisted Solution

by:nplib
nplib earned 50 total points
ID: 21771364
Lastly the simplest solution is to add a hidden field and check for that instead
<?php
 
/* Check to see if the user is authenticated and then connect to the database to grab user's information and send him on his/her way.
*/
 
session_start();
 
include("includes/db.php"); // $conn
 
// Once submit button has been pressed, call the getUser function to validate the user.  If user has been validated then they are granted access to the main section.  If not, they are sent back to the login page to register.
 
if($_POST['submit_action']) {
        $grabUser = mysql_query("SELECT strUsername, strPassword, strValid from login");
                if($user = mysql_fetch_assoc($grabUser)) {
                        $username = $user['strUsername'];
                        $password = md5($user['strPassword']);
                }
 
                if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {
                        header("location:/index.php");
                        exit();
                } elseif(isset($username) !== $_POST['strUsername'] && isset($password) !== md5($_POST['strPassword'])) {
                        echo $result;
                }
}
 
// Call the constant files
include("includes/constants.php");
 
?>
 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title><?= TITLE ?></title>
<link type="text/css" href="/styles/login.css" rel="stylesheet">
</head>
<body>
<table width="100%" class="layout" cellspacing="0" cellpadding="0">
<tr><td valign="middle" align="center">
<div class="start">
<div class="message_login">
<?= LOGIN_CONTENT ?>
<div style="margin-top: 5px">
        <?= $result ?>
</div>
</div>
<div class="login_start">
 <form action="<?= $_SERVER['PHP_SELF'] ?>" method="post">
 <span class="title">Username:</span><br/>
 <input type="text" name="strUsername" size="20" maxlength="20">
 <div style="margin-top: 10px">
 <span class="title">Password:</span></br>
 <input type="password" name="strPassword" size="20" maxlength="20">
 </div>
 <div style="margin-top: 10px">
 <input type="image" src="/images/enterbtn.png" alt="Enter Site">
 <input type="hidden" name="submit_action" value="true" />
 </div>
 <div class="links" style="margin-top: 10px">
 <a href="/register.php">Register Me</a> | <a href="/forgot.php">Forgot Password</a> </div>
 </form>
</div>
</div>
</td></tr>
</table>
</body>
</html>

Open in new window

0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771645
Well right now I am not getting any error messages, the image button is being sent to the page correctly, but I am not being sent to the next page either.
0
 
LVL 4

Accepted Solution

by:
afzz earned 200 total points
ID: 21771684
try the following code
if($_POST['submit_action']) {
        $grabUser = mysql_query("SELECT strUsername, strPassword, strValid from login where strUsername='".$_POST['strUsername']."'");
if(mysql_num_rows($grabUser) > 0){
                if($user = mysql_fetch_assoc($grabUser)) {
                        $username = $user['strUsername'];
                        $password = md5($user['strPassword']);
                }
 }
                if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {
                        header("location:/index.php");
                        exit();
                } elseif(isset($username) !== $_POST['strUsername'] && isset($password) !== md5($_POST['strPassword'])) {
                        echo $result;
                }
}

Open in new window

0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771736
Apparently the portion that is hurting me right now is this (when I have it commented out the page is sent correctly, but when it isn't commented out the page just refreshes to the login screen):
function checkAuth() {
	if(!isset($_SESSION["strUsername"])) {
	        header("Location: /login.php");
	        exit();
	}
	 
	if(!isset($_SESSION['session_count'])) {
	        $_SESSION['session_count']=0;
	        $_SESSION['session_start']=time();
	} else {
	        ++$_SESSION['session_count'];
	} 
	 
	$session_timeout = 300;
	if (time() - $_SESSION['session_start'] > $session_timeout) {
	        header("Location: /logout.php");
	        exit();
	}
	
	$_SESSION['session_start'] = time();
}
 
checkAuth();

Open in new window

0
 
LVL 4

Assisted Solution

by:afzz
afzz earned 200 total points
ID: 21771788
change the code here to the following
if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {
$_SESSION["strUsername"]=$username;
                        header("location:/index.php");
                        exit();

Open in new window

0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771835
Why did adding $_SESSION['strUsername']=$username; make any difference if the page that has that function doesn't use the variable $username?  I'm confused.
0
 
LVL 4

Expert Comment

by:afzz
ID: 21771894
You are authenticating the user against the database here and setting that variable
if($user = mysql_fetch_assoc($grabUser)) {
                        $username = $user['strUsername'];
                        $password = md5($user['strPassword']);
                }

once that is done and you validate his password here
if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {

you set his user name in the session variable here and forward him to the index.php page
$_SESSION["strUsername"]=$username;
                        header("location:/index.php");
                        exit();
0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771933
I guess what I am confused about is the fact that you converted the session value into a variable.  Since the function I have doesn't have that variable in the code, I wasn't understanding why you did that.  Obviously I am missing something, but I'm learning every day.
0
 
LVL 4

Expert Comment

by:afzz
ID: 21771986
your code has to set the session variable somewhere so that you can check for that variable on another page. Here you have to set the user name into the session variable so you can check for that variable on another page to see whether the current user whos is accessing that page has the session value set and whether his session has not timed out.
0

Featured Post

MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Popularity Can Be Measured Sometimes we deal with questions of popularity, and we need a way to collect opinions from our clients.  This article shows a simple teaching example of how we might elect a favorite color by letting our clients vote for …
These days socially coordinated efforts have turned into a critical requirement for enterprises.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question