I don't know how to fix this error.

I've built a login page, but I've done something wrong in that when the user's password is checked, they're supposed to be redirected to the admin page. But when that sceanrio is being processed, apparently I've got something in my header that is fouling up the works.

The error message is: Warning: Cannot modify header information - headers already sent by (output started at /home/hihatweb/public_html/Showdown/admin/header.php:5) in /home/hihatweb/public_html/Showdown/admin/default.php on line 17

My code is attached. Line 17 is "header("Location:admin.php"); What am I missing?
<?php 
session_start(); 
require_once('header.php'); 
 
switch (@$_POST['do'])
{
      case "login":
      $password='$_POST[password]';
      if (!$password="Secret")
      {
      header("Location:LoginWrong.php");
      exit ();
      }
     else
      {
      $_SESSION['auth'] = "yes";
      header("Location:admin.php");
      exit();
      }
 
      break;
}
 
?>

Open in new window

brucegustPHP DeveloperAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

markloganCommented:
What is the code at the top of header.php, line 5?

Post lines 1 -> 10

Do you output some text to the page or something there?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Cornelia YoderArtistCommented:
The usual cause of this error is a blank line or space at the top of the script.  Check all scripts involved and remove any such lines or spaces.
0
Ray PaseurCommented:
Try changing this line.  The single equal is an assignment operator and not a comparison operator!
// Change
 
      if (!$password="Secret")
 
// to
 
      if (!$password=="Secret")

Open in new window

0
C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

brucegustPHP DeveloperAuthor Commented:
The problem is definitely with my header, but I don't know what.

Right now, based on everyone's input, the script that I have at the top of my page looks like this:

<?php
session_start();
if (@$_SESSION['auth'] !== "yes")                  
{
header("Location: default.php");
require_once('header.php');
exit();
}
?>

When I remove the line, "require_once('header.php');" the error goes away, but then the look of my page gets compromised because that's where I'm putting my graphics for the top of my page.

I have my header.php code attached below. What am I doing wrong?

Again, the error that I'm getting is "Warning: Cannot modify header information - headers already sent by (output started at /home/hihatweb/public_html/Showdown/admin/header.php:5) in /home/hihatweb/public_html/Showdown/admin/default.php on line 17"

Line 5 on my header.php page is <script language="javascript">AC_FL_RunContent = 0;</script> and line 17 on my admin page is     header("Location:admin.php");

Line 5 on my header.php page is "<script language="javascript">AC_FL_RunContent = 0;</script>"

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Colgate Country Showdown | America's Largest Country Music Talent Search | Admin Page</title>
<script language="javascript">AC_FL_RunContent = 0;</script>
<script src="../AC_RunActiveContent.js" language="javascript"></script>
<link href="../stylesheet.css" rel="stylesheet" type="text/css" />
 
<script language="JavaScript"><!--
function MM_jumpMenu(targ,selObj,restore){ //v3.0
  eval(targ+".location='"+selObj.options[selObj.selectedIndex].value+"'");
  if (restore) selObj.selectedIndex=0;
}
// -->
</script>
 
</head>
 
<body bgcolor="#000000">
 
<table width=100% height=100% align="center" valign="center" cellspacing="0" cellpadding="0">
<tr>
<tr>
<td align="center" valign="top">&nbsp;<BR>
	<table width="1000" cellspacing="0" cellpadding="0">
	<tr>
	<td align="center">
	<!--url's used in the movie-->
	<!--text used in the movie-->
	<!-- saved from url=(0013)about:internet -->
	<script language="javascript">
	if (AC_FL_RunContent == 0) {
		alert("This page requires AC_RunActiveContent.js.");
	} else {
		AC_FL_RunContent(
			'codebase', 'https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0',
			'width', '1000',
			'height', '299',
			'src', 'Header',
			'quality', 'high',
			'pluginspage', 'https://www.macromedia.com/go/getflashplayer',
			'align', 'middle',
			'play', 'true',
			'loop', 'true',
			'scale', 'showall',
			'wmode', 'transparent',
			'devicefont', 'false',
			'id', 'Header',
			'bgcolor', '#ffffff',
			'name', 'Header',
			'menu', 'true',
			'allowFullScreen', 'false',
			'allowScriptAccess','sameDomain',
			'movie', 'Header',
			'salign', ''
			); //end AC code
	}
	</script>
	<noscript>
	<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="1000" height="299" id="Header" align="middle">
	<param name="allowScriptAccess" value="sameDomain" />
	<param name="allowFullScreen" value="false" />
	<param name="movie" value="Header.swf" /><param name="quality" value="high" /><param name="wmode" value="transparent" /><param name="bgcolor" value="#ffffff" />	<embed src="Header.swf" quality="high" wmode="transparent" bgcolor="#ffffff" width="1000" height="299" name="Header" align="middle" allowScriptAccess="sameDomain" allowFullScreen="false" type="application/x-shockwave-flash" pluginspage="https://www.macromedia.com/go/getflashplayer" />
	</object>
	</noscript>
	</td>
	</tr>
	<tr>
	<td background="../Images/Filler.jpg">&nbsp;<BR>

Open in new window

0
Cornelia YoderArtistCommented:
What is Line 17 in default.php?
0
brucegustPHP DeveloperAuthor Commented:
Folks, I think I've figured it out.

The "assignment" scenario suggested by Ray was contrary to the example I used from the book that I'm going by. But, Ray, I appreciate it because by going back and playing with that scenario I now know what that is and when to use "=" vs "==".

yoder - The extra space dynamic is right on. I found it all over the internet when I googled the error message I was getting.

The solution was taking my require_once('header.php'); statement and putting it AFTER checking for all my credentials. The problem wasn't on the default page, which is the code that I had submitted believing it to be suspect. The problem was with the page that the user was being directed to after the credentials had been verified. On the Admin page, I was doing the "require_once..." before my session_start(); and that's where the problem lied. Once I changed the order of things, my world became much brighter.
0
Ray PaseurCommented:
Hi, Bruce, and thanks for the points.  Here is a suggestion that will simplify your life.

Create a "config.php" file.  Put all your basic and necessary stuff in it - session_start(), data base connections, local functions, DEFINE statements, etc.  Call it at the top of every script for every page of your web site.

<?php require_once('_config.php');
// REST OF CODE GOES HERE

Blessings, ~Ray
<?php // _config.php
 
// DO NOT RUN THIS SCRIPT STANDALONE
if (count(get_included_files()) < 2) { header("HTTP/1.1 301 Moved Permanently"); header("Location: /"); exit; }
 
// AVOID SOME ANNOYING ERROR MESSAGES FROM SHARED HOSTING SERVER
ini_set('session.bug_compat_42',0);
ini_set('session.bug_compat_warn',0);
 
error_reporting(E_ALL);
 
session_start();
 
// GET RID OF UNWANTED LOCAL VARIABLES
unregister_globals();
 
// DEFIND CONSTANTS FOR WEB SERVICES
DEFINE ("YAHOO_API",  " [ redacted ] ");
DEFINE ("GOOGLE_API", " [ redacted ] ");
DEFINE ("PAYPAL_ID",  " [ redacted ] ");
DEFINE ("USPS_UID",   " [ redacted ] ");
 
// SET MAXIMUM UPLOAD FILE SIZE
DEFINE ("MAX_FILE_SIZE", '8192000');  // EIGHT MEGABYTE LIMIT ON UPLOADS
 
// STAT THE SCRIPT TIMER
list ($x, $y) = explode(" ", microtime()); $script_start_time = $x + $y;
 
// IF HTTPS
if (empty($_SERVER["HTTPS"])) { $protocol = 'http://'; } else { $protocol = 'https://'; }
 
// ESTABLISH WHERE I ENTERED THE SITE
$my_entry_uri		= $protocol . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"];
if ($_SESSION["my_entry_uri"]	== '') { $_SESSION["my_entry_uri"] = $my_entry_uri; }
 
// TRY TO CONNECT TO THE DATA BASE
@include_once('../rootdir/db_connect.php'); // DATABASE CONNECTION
 
/* ************************************************************************* */
function unregister_globals() {
	if (ini_get('register_globals')) {
		$array = array('_REQUEST', '_FILES');
		foreach ($array as $value) {
			if(isset($GLOBALS[$value])){
				foreach ($GLOBALS[$value] as $key => $var) {
					if (isset($GLOBALS[$key]) && $var === $GLOBALS[$key]) {
						// echo 'found '.$key.' = '.$var.' in $'.$value."\n";
						unset($GLOBALS[$key]);
					}
				}
			}
		}
	}
}
/* ************************************************************************* */
 
/* ************************************************************************* */
function reveal_source() {
	echo "<h3><a href=\"get_script.php?u={$_SERVER["PHP_SELF"]}\">Get Source Code</a></h3>\n";
}
/* ************************************************************************* */
 
/* ************************************************************************* */
function my_curl($url) {
// HEADERS FROM FIREFOX - APPEARS TO BE A BROWSER REFERRED BY GOOGLE
	$curl = curl_init();
 
	$header[] = "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5";
	$header[] = "Cache-Control: max-age=0";
	$header[] = "Connection: keep-alive";
	$header[] = "Keep-Alive: 300";
	$header[] = "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7";
	$header[] = "Accept-Language: en-us,en;q=0.5";
	$header[] = "Pragma: "; // browsers keep this blank.
 
	curl_setopt($curl, CURLOPT_URL, $url);
	curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/20080623 Firefox/2.0.0.15');
	curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
	curl_setopt($curl, CURLOPT_REFERER, 'http://www.google.com');
	curl_setopt($curl, CURLOPT_ENCODING, 'gzip,deflate');
	curl_setopt($curl, CURLOPT_AUTOREFERER, true);
	curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
	curl_setopt($curl, CURLOPT_TIMEOUT, 10);
 
	if (!$html = curl_exec($curl)) { $html = file_get_contents($url); }
	curl_close($curl);
return $html;
}
/* ************************************************************************* */
 
// ET CETERA

Open in new window

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.