Solved

Getting error message saying headers already sent.

Posted on 2008-06-12
16
164 Views
Last Modified: 2009-12-16
I am receiving an error message saying that the headers have already been sent, but not sure why.  The error message is:

Warning: Cannot modify header information - headers already sent by (login.php)

if($_POST['Submit']) {
	$grabUser = mysql_query("SELECT strUsername, strPassword, strValid from login");
		if($user = mysql_fetch_assoc($grabUser)) {
			$username = $user['strUsername'];
			$password = md5($user['strPassword']);
		}
			
		if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {
			header("location:/index.php");
			exit();
		}
}

Open in new window

0
Comment
Question by:pingeyeg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 4
  • +1
16 Comments
 
LVL 17

Expert Comment

by:nplib
ID: 21771126
that means there's output before header is fired.
0
 
LVL 82

Expert Comment

by:hielo
ID: 21771138
The problem is caused/triggered by this:
header("location:/index.php");

You have already sent data to the browser, hence the warning. Put this at the top of your page:
<?php
ob_start();
0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771169
hielo,

Now the page just refreshes upon login.

nplib,

I moved my constants file below the code that fired the header so now that stopped, but the code is not taking me to the index.php page.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 17

Expert Comment

by:nplib
ID: 21771182
can you post all your code.
0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771281

<?php
 
/* Check to see if the user is authenticated and then connect to the database to grab user's information and send him on his/her way.
*/
 
session_start();
 
include("includes/db.php"); // $conn
 
// Once submit button has been pressed, call the getUser function to validate the user.  If user has been validated then they are granted access to the main section.  If not, they are sent back to the login page to register.
 
if($_POST['Submit']) {
	$grabUser = mysql_query("SELECT strUsername, strPassword, strValid from login");
		if($user = mysql_fetch_assoc($grabUser)) {
			$username = $user['strUsername'];
			$password = md5($user['strPassword']);
		}
 
		if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {
			header("location:/index.php");
			exit();
		} elseif(isset($username) !== $_POST['strUsername'] && isset($password) !== md5($_POST['strPassword'])) {
			echo $result;
		}
}
 
// Call the constant files
include("includes/constants.php");
 
?>
 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title><?= TITLE ?></title>
<link type="text/css" href="/styles/login.css" rel="stylesheet">
</head>
<body>
<table width="100%" class="layout" cellspacing="0" cellpadding="0">
<tr><td valign="middle" align="center">
<div class="start">
<div class="message_login">
<?= LOGIN_CONTENT ?>
<div style="margin-top: 5px">
	<?= $result ?>
</div>
</div>
<div class="login_start">
 <form action="<?= $_SERVER['PHP_SELF'] ?>" method="post">
 <span class="title">Username:</span><br/>
 <input type="text" name="strUsername" size="20" maxlength="20">
 <div style="margin-top: 10px">
 <span class="title">Password:</span></br>
 <input type="password" name="strPassword" size="20" maxlength="20">
 </div>
 <div style="margin-top: 10px">
 <input type="image" name="Submit" value="1" src="/images/enterbtn.png" alt="Enter Site">
 </div>
 <div class="links" style="margin-top: 10px">
 <a href="/register.php">Register Me</a> | <a href="/forgot.php">Forgot Password</a> </div>
 </form>
</div>
</div>
</td></tr>
</table>
</body>
</html>

Open in new window

0
 
LVL 17

Expert Comment

by:nplib
ID: 21771321
at the top add print_r($_POST);

see if your image submit but is submitting it's value.

When I tried something similar to that long time ago, it would only work in FF and not IE or visa versa,
0
 
LVL 17

Expert Comment

by:nplib
ID: 21771345
Also, I've found sometimes using the name "Submit" to cause problems so try using a different name like
submit_action or bob or whatever
0
 
LVL 17

Assisted Solution

by:nplib
nplib earned 50 total points
ID: 21771364
Lastly the simplest solution is to add a hidden field and check for that instead
<?php
 
/* Check to see if the user is authenticated and then connect to the database to grab user's information and send him on his/her way.
*/
 
session_start();
 
include("includes/db.php"); // $conn
 
// Once submit button has been pressed, call the getUser function to validate the user.  If user has been validated then they are granted access to the main section.  If not, they are sent back to the login page to register.
 
if($_POST['submit_action']) {
        $grabUser = mysql_query("SELECT strUsername, strPassword, strValid from login");
                if($user = mysql_fetch_assoc($grabUser)) {
                        $username = $user['strUsername'];
                        $password = md5($user['strPassword']);
                }
 
                if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {
                        header("location:/index.php");
                        exit();
                } elseif(isset($username) !== $_POST['strUsername'] && isset($password) !== md5($_POST['strPassword'])) {
                        echo $result;
                }
}
 
// Call the constant files
include("includes/constants.php");
 
?>
 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title><?= TITLE ?></title>
<link type="text/css" href="/styles/login.css" rel="stylesheet">
</head>
<body>
<table width="100%" class="layout" cellspacing="0" cellpadding="0">
<tr><td valign="middle" align="center">
<div class="start">
<div class="message_login">
<?= LOGIN_CONTENT ?>
<div style="margin-top: 5px">
        <?= $result ?>
</div>
</div>
<div class="login_start">
 <form action="<?= $_SERVER['PHP_SELF'] ?>" method="post">
 <span class="title">Username:</span><br/>
 <input type="text" name="strUsername" size="20" maxlength="20">
 <div style="margin-top: 10px">
 <span class="title">Password:</span></br>
 <input type="password" name="strPassword" size="20" maxlength="20">
 </div>
 <div style="margin-top: 10px">
 <input type="image" src="/images/enterbtn.png" alt="Enter Site">
 <input type="hidden" name="submit_action" value="true" />
 </div>
 <div class="links" style="margin-top: 10px">
 <a href="/register.php">Register Me</a> | <a href="/forgot.php">Forgot Password</a> </div>
 </form>
</div>
</div>
</td></tr>
</table>
</body>
</html>

Open in new window

0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771645
Well right now I am not getting any error messages, the image button is being sent to the page correctly, but I am not being sent to the next page either.
0
 
LVL 4

Accepted Solution

by:
afzz earned 200 total points
ID: 21771684
try the following code
if($_POST['submit_action']) {
        $grabUser = mysql_query("SELECT strUsername, strPassword, strValid from login where strUsername='".$_POST['strUsername']."'");
if(mysql_num_rows($grabUser) > 0){
                if($user = mysql_fetch_assoc($grabUser)) {
                        $username = $user['strUsername'];
                        $password = md5($user['strPassword']);
                }
 }
                if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {
                        header("location:/index.php");
                        exit();
                } elseif(isset($username) !== $_POST['strUsername'] && isset($password) !== md5($_POST['strPassword'])) {
                        echo $result;
                }
}

Open in new window

0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771736
Apparently the portion that is hurting me right now is this (when I have it commented out the page is sent correctly, but when it isn't commented out the page just refreshes to the login screen):
function checkAuth() {
	if(!isset($_SESSION["strUsername"])) {
	        header("Location: /login.php");
	        exit();
	}
	 
	if(!isset($_SESSION['session_count'])) {
	        $_SESSION['session_count']=0;
	        $_SESSION['session_start']=time();
	} else {
	        ++$_SESSION['session_count'];
	} 
	 
	$session_timeout = 300;
	if (time() - $_SESSION['session_start'] > $session_timeout) {
	        header("Location: /logout.php");
	        exit();
	}
	
	$_SESSION['session_start'] = time();
}
 
checkAuth();

Open in new window

0
 
LVL 4

Assisted Solution

by:afzz
afzz earned 200 total points
ID: 21771788
change the code here to the following
if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {
$_SESSION["strUsername"]=$username;
                        header("location:/index.php");
                        exit();

Open in new window

0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771835
Why did adding $_SESSION['strUsername']=$username; make any difference if the page that has that function doesn't use the variable $username?  I'm confused.
0
 
LVL 4

Expert Comment

by:afzz
ID: 21771894
You are authenticating the user against the database here and setting that variable
if($user = mysql_fetch_assoc($grabUser)) {
                        $username = $user['strUsername'];
                        $password = md5($user['strPassword']);
                }

once that is done and you validate his password here
if(isset($username) == $_POST['strUsername'] && isset($password) == md5($_POST['strPassword'])) {

you set his user name in the session variable here and forward him to the index.php page
$_SESSION["strUsername"]=$username;
                        header("location:/index.php");
                        exit();
0
 
LVL 1

Author Comment

by:pingeyeg
ID: 21771933
I guess what I am confused about is the fact that you converted the session value into a variable.  Since the function I have doesn't have that variable in the code, I wasn't understanding why you did that.  Obviously I am missing something, but I'm learning every day.
0
 
LVL 4

Expert Comment

by:afzz
ID: 21771986
your code has to set the session variable somewhere so that you can check for that variable on another page. Here you have to set the user name into the session variable so you can check for that variable on another page to see whether the current user whos is accessing that page has the session value set and whether his session has not timed out.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question