[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 821
  • Last Modified:

MySQL error: Cannot Modify Header Information, headers already sent out

Hello,

I have a signup form on my site and upon hitting submit i'm receiving the following error(s). It is trying to send a welcome message to the new member.
This was previously working with a different host and I can't seem to locate the problem. Any ideas would be greatly appreciated!

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /var/www/vhosts/growexperts.com/httpdocs/signup.php on line 339

Warning: Cannot modify header information - headers already sent by (output started at /var/www/vhosts/growexperts.com/httpdocs/signup.php:339) in /var/www/vhosts/growexperts.com/httpdocs/signup.php on line 449

<?php
#
#   signup.php
#
 
require_once "_config.php";
if($HTTP_GET_VARS['m'] == '1') $m = "This username has already been registered. If this is your username, please <a href=\"login.php\"> login</a>.";
if($HTTP_GET_VARS['m'] == '2') $m = "Please enter all fields";
if($HTTP_GET_VARS['m'] == '3') $m = "Please enter a valid email";
 
if(@$HTTP_POST_VARS['pidx']){
	 $pidx = $HTTP_POST_VARS['pidx'];
	 $pid = clear($pidx);
}	 
if(@$HTTP_GET_VARS['pidx']){
	 $pidx = $HTTP_GET_VARS['pidx'];
	 $pid = clear($pidx);
}
 
function checkEmail($email) {
	if (ereg("^[a-zA-Z0-9][a-zA-Z0-9_\.\-]*[@][a-zA-Z0-9\.\-]*[\.][a-zA-Z]{2,4}$", $email)) {
		return TRUE;
	} else {
		return FALSE;
	}
}
 
if(@$HTTP_POST_VARS['submit1']){ 
 
	if(@$HTTP_POST_VARS['branch_id']!="" && @$HTTP_POST_VARS['username']!="" && @$HTTP_POST_VARS['customer_pass']!="" && @$HTTP_POST_VARS['status_id']!="" ){
		#check to see if this email has been registered
		$username = mysql_escape_string(trim($HTTP_POST_VARS[username]));
		$pword = mysql_escape_string(trim($HTTP_POST_VARS[customer_pass]));
		$status_id = mysql_escape_string(trim($HTTP_POST_VARS[status_id]));
		$branch_id = mysql_escape_string(trim($HTTP_POST_VARS[branch_id]));
		
		$sql_exist = "
						SELECT * FROM person
						WHERE username = '".$username."'
						AND permission = 3";
		if($res_exist = mysql_query($sql_exist)){
			if (mysql_num_rows($res_exist)>0) {
				$m = "This username has already been registered. If this is your username, please <a href=\"login.php\"> login</a>.";
				$m_type1 = "1";
			}
			else{	
				$sql_new = "
				INSERT INTO person (username, pword, status_id, branch_id, permission, person_active)
				VALUES ('$username','$pword','$status_id', '$branch_id', '3', '1')";
				
				if(mysql_query($sql_new)){
					$pid = mysql_insert_id();
					$pidx = hide($pid);
				}
			}
		}
	}
	
	else {
		$m .= "<br>Please enter all fields";
		$m_type1 = "1";
	}
}
 
#SECOND SET OF INFORMATION SUBMITTED
if(@$HTTP_POST_VARS['submit2']) {
	if(!eregi("<br>Please enter all fields",$m)){
		#if(@$HTTP_POST_VARS['ctype']=="") $m .= "<BR>Please enter all fields";
		#elseif(@$HTTP_POST_VARS['cdate']=="") $m .= "<BR>Please enter all fields";
		#elseif(@$HTTP_POST_VARS['cname']=="") $m .= "<BR>Please enter all fields";
		#elseif(@$HTTP_POST_VARS['ccvn']=="") $m .= "<BR>Please enter all fields";
		#elseif(@$HTTP_POST_VARS['member_level_id']=="") $m .= "<BR>Please enter all fields";	
		#elseif(@$HTTP_POST_VARS['first_name']=="") $m .= "<BR>Please enter all fields";
		#elseif(@$HTTP_POST_VARS['last_name']=="") $m .= "<BR>Please enter all fields";
		#elseif(@$HTTP_POST_VARS['zip']=="") $m .= "<BR>Please enter all fields";
		#elseif(@$HTTP_POST_VARS['email']=="") $m .= "<BR>Please enter all fields";
		if(@$HTTP_POST_VARS['agree_to_terms']=="") $m .= "<BR>Please enter all fields";
	}
	#$HTTP_POST_VARS[cnum] = trim($HTTP_POST_VARS[cnum]);
	#require_once "_cc_validator.php";
 
	#list($cctype, $ccvalid) = validateCC($HTTP_POST_VARS[cnum]);
	#if(!$ccvalid) $m .= "<br>$ccvalid Please enter valid credit card information";
	#$m_type2="1";
	
	if($m == ""){
		if(@$HTTP_POST_VARS['first_name']){
			$first_name = trim($HTTP_POST_VARS[first_name]);
			$first_name = strip_tags($first_name);
			$first_name = htmlentities($first_name,ENT_QUOTES);
		}
		if(@$HTTP_POST_VARS['last_name']){
			$last_name = trim($HTTP_POST_VARS[last_name]);
			$last_name = strip_tags($last_name);
			$last_name = htmlentities($last_name,ENT_QUOTES);
		}
		if(@$HTTP_POST_VARS['city']){
			 $city = trim($HTTP_POST_VARS[city]);
			 $city = strip_tags($city);
			 $city = htmlentities($city,ENT_QUOTES);
		}
		
		if(@$HTTP_POST_VARS['state_id']){
			$HTTP_POST_VARS[state_id] = trim($HTTP_POST_VARS[state_id]);
			if(is_numeric($HTTP_POST_VARS[state_id])) $state_id = $HTTP_POST_VARS[state_id];
		}
		if(@$HTTP_POST_VARS['zip']){
			 $zip = trim($HTTP_POST_VARS[zip]);
			 $zip = strip_tags($zip);
			 $zip = htmlentities($zip,ENT_QUOTES);
		}
		if(@$HTTP_POST_VARS['screenname']){
			 $screenname = trim($HTTP_POST_VARS[screenname]);
			 $screenname = strip_tags($screenname);
			 $screenname = htmlentities($screenname,ENT_QUOTES);
		}
		if(@$HTTP_POST_VARS['email']){	
			if(@$HTTP_POST_VARS['email']=="" || !checkEmail($HTTP_POST_VARS['email'])){
				header("Location: signup.php?m=3");	
				exit;
			}
			$email = mysql_escape_string(trim($HTTP_POST_VARS[email]));	
		}
		if(@$HTTP_POST_VARS['newsletter']){
			 $newsletter = trim($HTTP_POST_VARS[newsletter]);
			 $newsletter = strip_tags($newsletter);
			 $newsletter = htmlentities($newsletter,ENT_QUOTES);
			 if($newsletter != '1') $newsletter = '2';
		}
		if(@$HTTP_POST_VARS['member_level_id']){
			$HTTP_POST_VARS[member_level_id] = trim($HTTP_POST_VARS[member_level_id]);
			if(is_numeric($HTTP_POST_VARS[member_level_id])) $member_level_id = $HTTP_POST_VARS[member_level_id];
		}
		if(@$HTTP_POST_VARS['ctype']){
			 $ctype = trim($HTTP_POST_VARS[ctype]);
			 $ctype = strip_tags($ctype);
			 $ctype = htmlentities($ctype,ENT_QUOTES);
		}
		#if(@$HTTP_POST_VARS['cnum']){			
			#if(is_numeric($HTTP_POST_VARS[cnum])) $cnum = $HTTP_POST_VARS[cnum];
			#else{ 
				#$cnum = ereg_replace("[^[:digit:]]","",$HTTP_POST_VARS[cnum]);
				#$cnum = ereg_replace("-","",$HTTP_POST_VARS[cnum]);
				#$cnum = ereg_replace(" ","",$HTTP_POST_VARS[cnum]);
			#}
			#split cnum into 2
			#$cnum_sub1 = substr($cnum,0,6);
			#$cnum_sub2 = substr($cnum,6,strlen($cnum)-1);	
			#$cnumx1 = hide($cnum_sub1);
			#$cnumx2 = hide($cnum_sub2);
			
			#$cnum_length = strlen($cnum);
			#$cnum_4digits = substr($cnum,-4);
		#} 
		
		#if(@$HTTP_POST_VARS['cdate']){
			#$cdate = trim($HTTP_POST_VARS[cdate]);
			#$cdate = strip_tags($cdate);
			#$cdate = htmlentities($cdate,ENT_QUOTES);			
		#}
		
		#if(@$HTTP_POST_VARS['cname']){
			#$cname = trim($HTTP_POST_VARS[cname]);
			#$cname = strip_tags($cname);
			#$cname = htmlentities($cname,ENT_QUOTES);			
		#}
		#if(@$HTTP_POST_VARS['ccvn']){
			#$HTTP_POST_VARS[ccvn] = trim($HTTP_POST_VARS[ccvn]);
			#if(is_numeric($HTTP_POST_VARS[ccvn])) $ccvn = $HTTP_POST_VARS[ccvn];
		#}
		if(@$HTTP_POST_VARS['agree_to_terms']){
			$HTTP_POST_VARS[agree_to_terms] = trim($HTTP_POST_VARS[agree_to_terms]);
			if(is_numeric($HTTP_POST_VARS[agree_to_terms])) $agree_to_terms = $HTTP_POST_VARS[agree_to_terms];
			if($agree_to_terms!="1") $agree_to_terms = "2";
		}
		if(@$HTTP_POST_VARS['agree_to_recur_payment']){
			$HTTP_POST_VARS[agree_to_recur_payment] = trim($HTTP_POST_VARS[agree_to_recur_payment]);
			if(is_numeric($HTTP_POST_VARS[agree_to_recur_payment])) $agree_to_recur_payment = $HTTP_POST_VARS[agree_to_recur_payment];
			if($agree_to_recur_payment!="1") $agree_to_recur_payment = "2";
		}
		$sql_update = "UPDATE person 
					SET 
					first_name='$first_name' , 
					last_name='$last_name' , 
					city='$city' ,
					state_id='$state_id' , 
					email='$email' ,
					newsletter='$newsletter',
					zip='$zip',
					screenname='$screenname',
					signup_date=NOW()
					WHERE person_id = $pid";
			
				
					if(mysql_query($sql_update)){					
						#ADD THE ACCOUNT INFO
						$pa_res = mysql_query("
						INSERT INTO person_account 
						(
							person_id, 
							member_level_id, 
							cnum1,
							cnum2,
							cnum_length,
							cnum_4digits, 
							ctype, 
							cdate,
							cname,
							ccvn,
							agree_to_terms,
							agree_to_recur_payment
						) VALUES (
							$pid,
							$member_level_id,
							'$cnumx1',
							'$cnumx2',
							'$cnum_length',
							'$cnum_4digits',
							'$ctype',
							'$cdate',
							'$cname',
							'$ccvn',
							'$agree_to_terms',
							'$agree_to_recur_payment'
							
						)
						") or die(mysql_error());
						
						
						#
						#set a cookie as logged in
						setcookie ('ess_login',$pidx);	
						$HTTP_COOKIE_VARS['ess_login']=$pidx;
						require_once "_get_person.php";
						
						# Email Notifier
						include_once "_emailto.php";
						$subject = "Grow Experts Account Confirmation";
						$headers  = 'MIME-Version: 1.0' . "\r\n";
						$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
						$headers .= "From: Welcome to Every Soldiers Story <$new_account_emailfrom>\r\n";
						$message="
						<html>
						<head>
						<style>
						body {
							font-family: Verdana, Arial, Helvetica, sans-serif;
							font-size: 11px;
							font-style: normal;
							color: #000000;	
						}
						td {
							font-family: Verdana, Arial, Helvetica, sans-serif;
							font-size: 11px;
							font-style: normal;
							color: #000000;	
						}
						.bluebar_title {
							color: #FFFFFF;
							background-color: #7B9CBF;
							line-height: 20px;
							padding-left: 5px;
							font-weight: bold;
						}
						.bluebar_text {
							background-color: #FFFFFF;
							border-color: #7B9CBF; 
							border-style: solid; 
							border-width: 1px;
							color:  #000000;
							font-size: 11px;
						}
						</style>
						</head>
						<body>	
							Hi $row_person[first_name]!<br>
							<br>
							Thank You for signing up with Grow Experts!<br>
							<br>
							Login here to see your account information and begin your story.<br>
							<a href=\"$web_site/login.php\">$web_site/login.php</a>
							<br>
							<br>
							<table width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\">
				<tr>
					<td colspan=\"2\">
						<table width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">
							<tr>
								<td valign=\"top\" width=\"9\" height=\"8\" style=\"background-color: #7B9CBF;\"><img src=\"$web_site/images/bluecorner_lefttop.gif\"></td>
								<td class=\"bluebar_title\">YOUR GROW EXPERTS ACCOUNT INFORMATION ::</td>
								<td valign=\"top\" width=\"9\" style=\"background-color: #7B9CBF;\"><img src=\"$web_site/images/bluecorner_righttop.gif\"></td>
							</tr>
						</table>
					</td>
				</tr>
				<tr>
					<td class=\"bluebar_text\">
						<table width=\"100%\" cellpadding=\"0\" cellspacing=\"10\" border=\"0\">
						<tr>
							<td class=\"subhead\" width=\"40%\">Your Name:</td>
							<td>$row_person[first_name] $row_person[last_name]</td>
						</tr>
						<tr>
							<td class=\"subhead\">Your Screen Name:</td>
							<td>$row_person[screenname]</td>
						</tr>
						<tr>
							<td class=\"subhead\">Your Username to Login:</td>
							<td>$row_person[username]</td>
						</tr>
						<tr>
							<td class=\"subhead\">Your Password:</td>
							<td>$row_person[pword]</td>
						</tr>
						<tr>
							<td class=\"subhead\">Your Account Number:</td>
							<td>$row_person[person_id]</td>
						</tr>
						<tr>
							<td class=\"subhead\">Your Email Address:</td>
							<td>$row_person[email]</td>
						</tr>
						<tr>
							<td class=\"subhead\">Your Branch:</td>
							<td><img src=\"$web_site/photos/$row_person[branch_logo]\" border=\"0\"><br>$row_person[branch]</td>
						</tr>
						<tr>
							<td class=\"subhead\">Your Status:</td>
							<td>$row_person[status]</td>
						</tr>
						<tr>
							<td class=\"subhead\">Your City:</td>
							<td>$row_person[city]</td>
						</tr>
						<tr>
							<td class=\"subhead\">Your State:</td>
							<td>";
						$success_stateRES = mysql_query("SELECT state FROM state WHERE state_id = $row_person[state_id]");
						$success_stateROW = mysql_fetch_array($success_stateRES);
						$message .= $success_stateROW['state'];
						$message .= " </td>
						</tr>
						<tr>
							<td class=\"subhead\">Your Zip Code:</td>
							<td>$row_person[zip]</td>
						</tr>
						<tr>
							<td class=\"subhead\">Your Membership:</td>
							<td>$".number_format($row_person[member_level_price],2).": $row_person[member_level_title]</td>
						</tr>
						<tr>
							<td class=\"subhead\">Your Payment Info:</td>
							<td>$row_person[cname]</td>
						</tr>
						<tr>
							<td></td>
							<td>$row_person[ctype]</td>
						</tr>
						<tr>
							<td></td>
							<td>";
						for($i=0;$i<$row_person['cnum_length']-4;$i++){
		                	$message .= "X";                	
		                }
		                $message .= $row_person['cnum_4digits'];
                		$message .= "</td>
						</tr>
						<tr>
							<td></td>
							<td>";
						for($i=0;$i<strlen($row_person['cdate'])-3;$i++){
		                	$message .= "X";                	
		                }
		                $message .= "/".substr($row_person['cdate'],-2);
                		$message .= "</td>
						</tr>
						";
						/*
						<tr>
							<td class=\"subhead\">You Agree to Recurring Billing:</td>
							<td>";
						if($row_person['agree_to_recur_payment']=="1") $message .= "Yes"; else $message .= "No";
						$message .= "</td>
						</tr>
						*/
						$message .= "
						<tr>
							<td class=\"subhead\">You Agree to the ESS Terms:</td>
							<td>";
							if($row_person['agree_to_terms']=="1") $message .= "Yes"; else $message .= "No";
						$message .= "</td>
						</tr>
						<tr>
							<td class=\"subhead\">ESS Newsletter:</td>
							<td>";
						if($row_person['newsletter']=="1") $message .= "Yes"; else $message .= "No";
						$message .= "</td>
						</tr>
					</table>
					</td>
			</tr>
			</table>
						</body>
						</html>	
							";
						mail($row_person['email'], $subject, $message, $headers); 
						
						$subject = "NEW Every Soldiers Story Account has been registered";
						$headers  = 'MIME-Version: 1.0' . "\r\n";
						$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
						$headers .= "From: New Every Soldiers Story Account <$new_account_emailfrom>\r\n";
						$message="
						<html>
						<head>
						<style>
						body {
							font-family: Verdana, Arial, Helvetica, sans-serif;
							font-size: 11px;
							font-style: normal;
							color: #000000;	
						}
						td {
							font-family: Verdana, Arial, Helvetica, sans-serif;
							font-size: 11px;
							font-style: normal;
							color: #000000;	
						}
						</style>
						</head>
						<body>	
							A new account has been setup.<br>
							Login to the Admin-console to process this account.<br>
							<br>
							<br>
							<strong>Account Information</strong>
							<hr noshade color=\"gray\" size=\"1\" width=\"90%\" align=\"left\">
							<strong>Name:</strong> $row_person[first_name] $row_person[last_name]<br>
							<strong>Email:</strong> $row_person[email]<br>
							<strong>Screen Name:</strong> $row_person[screenname]<br>
							<strong>User Name:</strong> $row_person[username]<br>
							<strong>Account Number:</strong> $row_person[person_id]<br>
							<br>
							<br>
							<a href=\"$web_site/admin-console\">$web_site/admin-console</a>
						</body>
						</html>	
							";
						mail($emailto, $subject, $message, $headers);
						header("Location: signup_success.php");
						exit;
					}
					else echo sql_err($sql_update);
			}
 
}
 
?>

Open in new window

signup.php.txt
0
c9k9h
Asked:
c9k9h
  • 11
  • 9
1 Solution
 
RoonaanCommented:
You can set error_reporting(0) to hide the first message.

The mysql error however is coming from a connection failure most likely.

Where do you connect to mysql?
0
 
c9k9hAuthor Commented:
I'm connecting to mysql right on my server (localhost)

Where should i define error_reporting(0)?
0
 
RoonaanCommented:
At the top of your file, on in config.php. However that will just hide the error, not prevent it from happening.
0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
c9k9hAuthor Commented:
actually.. it seems like getting rid of the error reporting solved the issue!
0
 
c9k9hAuthor Commented:
Actually.. there is an account summary that pulls all of the submitted data and it seems to be blank... So I'm not sure this data is being written to the DB...
0
 
RoonaanCommented:
Try changing:
$success_stateRES = mysql_query("SELECT state FROM state WHERE state_id = $row_person[state_id]");
into
$success_stateRES = mysql_query("SELECT state FROM state WHERE state_id = $row_person[state_id]") or die(mysql_error());
0
 
c9k9hAuthor Commented:
Okay, I checked out the tables and it is writing to them. Any ideas why it's not pulling the data?

I should probably open another question for this one.
0
 
c9k9hAuthor Commented:
That gave me the error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
0
 
RoonaanCommented:
Then for some reason the $row_person[state_id] is empty.

To make the query safer you would need to change to
$success_stateRES = mysql_query("SELECT state FROM state WHERE state_id = ".intval($row_person['state_id']));

However when state_id is empty, it will resort to 0.

What do you need to have when state_id is empty? An error, or just skip it, or some default value?

-r-
0
 
c9k9hAuthor Commented:
the thing is, state_id is not empty, it's inserting an appropriate value into the table as well.
0
 
RoonaanCommented:
That is highly unlikely. Try doing:

$stateQuery = "SELECT state FROM state WHERE state_id = ".intval($row_person['state_id']);
echo '[StateQuery]'.$stateQuery.'[/StateQuery]';
$success_stateRES = mysql_query($stateQuery);
0
 
c9k9hAuthor Commented:
That works!

But it was inserting a value for state_id:
Still not receiving the data on the signup_success page.


person_id      first_name      last_name      address1      address2      city      state_id      zip      phone      email      screenname      username      pword      permission      person_active      status_id      branch_id      newsletter      birthday      squadron      rank      photo      signup_date      last_payment_date


19       fdsafdsa       fdsafdsfadf                   fdsfad       18       45879             test@test.com       fdsafdsafdsafdsa       tewr44       fdsafdfsda       3       1       2       106       0                               2008-06-17       
0
 
RoonaanCommented:
Can you verify that the _get_person.php is actually selection the state_id as well?
0
 
c9k9hAuthor Commented:
Here are the contents of _get_person.php
Actually, I do not see where it is selecting the state_id.
<?php
#
# check to see if there's a cookie
 
if (@$HTTP_COOKIE_VARS['ess_login']!="") {
	$pid = clear($HTTP_COOKIE_VARS['ess_login']);
	$pidx = $HTTP_COOKIE_VARS['ess_login'];
	#
	# Get what we can about the person
	$sql_person = "
		SELECT p.*, 
		pa.*,
		m.title as member_level_title,
		m.price as member_level_price,
		DATE_FORMAT(p.birthday, '%m') as bdayMonth,  
		DATE_FORMAT(p.birthday, '%d') as bdayDay, 
		DATE_FORMAT(p.birthday, '%Y') as bdayYear,
		b.title as branch,
		b.logo as branch_logo,
		s.title as status
		FROM person p,
		person_account pa,
		member_levels m,
		branch b,
		status s
		WHERE p.person_id = '$pid'
		AND b.branch_id = p.branch_id
		AND s.status_id = p.status_id
		AND p.person_id = pa.person_id
		AND pa.member_level_id = m.member_level_id";
 
	if ($res_person = mysql_query($sql_person)) {
		$row_person = mysql_fetch_array($res_person);
		
	} else {
		echo sql_err($sql_person);
	}
	
} 
 
 
?>

Open in new window

0
 
RoonaanCommented:
probably p.* is selecting state_id.

Try adding at line 34:

print_r($row_person);
0
 
c9k9hAuthor Commented:
where should this be outputting to?
0
 
RoonaanCommented:
To your screen.
0
 
c9k9hAuthor Commented:
It's not printing to screen? tried in both FF and IE
0
 
RoonaanCommented:
Can you do a view source and see if it is somewhere unexpected?
0
 
c9k9hAuthor Commented:
No luck with the view source...  It's alright though Roonaan, I think at this point i'm more concerned with why it's not pulling this entered data on the "success" page.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 11
  • 9
Tackle projects and never again get stuck behind a technical roadblock.
Join Now