Page 1 of 2

New Here, but have a valid header call problem.

Posted: Mon Jul 01, 2002 10:42 am
by allevon
Hi Everyone,

Ok Im new on this board but I have searched the net for 2 weeks for this answer. I installed a module for my phpnuke website. Ill keep this short. Its a self contained module, has its own authenticate files and process and heres the problem:

Everything in the module works 100% EXCEPT the superuser or admin access. The error recieved is header already sent by blah blah yadda yadda. I have checked all the files involved and only see one header call in the index file of the module. Where else or what else, should I be looking for?

I have tried everything imaginable under the sun, other people say the program works for them, EXCEPT MINE. I know this sounds stupid and is probably a simple dumb problem, but I cant find or solve it.

So thanks in advance and I hope someone can give me a hand on this one.

Posted: Mon Jul 01, 2002 11:30 am
by volka

Posted: Mon Jul 01, 2002 12:53 pm
by allevon
Hi Volka,

Thank you for that quick response. I did follow what the article had said. But however, either Im doing something wrong, or the original module sequences or code is wrong. Im going to post here what I have, maybe its obvious to you, but 14 days I still cant see it.

In the original admin.php file the top lines call the header as seen here:

Code: Select all

if (!eregi("modules.php", $PHP_SELF))
{
	die ("You can't access this file directly...");
}
$ModName = basename(dirname(__FILE__));
include("header.php");
Now begins the login process in the same file:

Code: Select all

include("./modules/$ModName/config.php");
include("./modules/$ModName/functions.php");
employment_language();

// check user is logged in
if (verify_session($authok) == "FALSE") 
	{
		OpenTable();
		echo "<a href=$ModuleBaseUrl=post&create_login=true>create an account</a>&nbsp;|&nbsp;";
		echo "<a href=$ModuleBaseUrl=post&login=true>login</a><br><br>";
		$user_id = verify_session($authok);

		// this lets you display login box or create login box
		if ($login == "true")
		&#123;
			draw_login_box("Login Here", "200", $ModuleDirName);
		&#125;
		if ($create_login == "true")
		&#123;
			draw_create_login_box("Create Login Here", "200", $ModuleDirName);
		&#125;
		CloseTable();
		exit;
	&#125;
	else
	&#123;//start of login code
		OpenTable();
		$user_id = verify_session($authok);
Ok now we go to the functions.php next (I think) making a call to this function, no header info on the top of page, its all functions:

Code: Select all

function init_session ($name) 
&#123;
	setcookie ("authok", $name ,time()+3600, "/", '', 0);	
&#125;

function kill_session() 
&#123;
	setcookie ("authok", "",time()-3600, "/", '', 0);
&#125;
And within the process, it calls the authenticate.php file for this:

Code: Select all

include("config.php");
include("functions.php");

if ($logout == "true")
&#123;
	kill_session($hostname);
	redirect($login_success);
&#125;
else
&#123;
	$link = mysql_connect($hostname, $user, $pass) or die("Could not connect");
	mysql_select_db($database) or die("Could not select database");
		$result = mysql_query("SELECT * FROM &#123;$prefix&#125;_jobaccounts WHERE user='$UserName'");
 		$row_array = mysql_fetch_array($result);
The config.php file is configured properly as everything else runs perfectly. But when you try to login as an admin, you get this error:

Warning: Cannot add header information - headers already sent by (output started at /usr/local/apache/htdocs/modules/themodule/authenticate.php:2) in /usr/local/apache/htdocs/modules/themodule/functions.php on line 206

Line 206 is the first set cookie call in functions.php.


As I said, I tried everything I could think of using similar scripting from that article, other modules, books, etc. Im so stuck and re-read this so many times, I think even if I could, I couldn't find it from being burned out. Thanks in advance.

Und Volka, Vielen Danke, Ich Mochtegern sprechen Deutsch, jedoch mein Deutsch ist nicht gut.

Posted: Mon Jul 01, 2002 1:01 pm
by martin
I think your problem might be:

if (!eregi("modules.php", $PHP_SELF))

try instead:

if (!eregi("modules.php", $_SERVER['PHP_SELF']))

Posted: Mon Jul 01, 2002 1:07 pm
by allevon
Hi Martin,

Thanks! I just tried it however, and it said you cannot access this file directly. Most PhpNuke modules have that form of security on them. But I'll try anything to get it workingsince its the module that will be the core of the site design. I have built all around it and Im so frustrated because Its the one module everyone seeks when visiting. I used to use his previous version which had no authentication process and the admin had to post everything, but with this one, they can maintain their own posts. So you can see my frustration level here. :lol:

Posted: Mon Jul 01, 2002 2:54 pm
by volka
If nothing else helps and you can't find the (probably whitespace only) output before header information is sent you may use ob_start or enable output_buffering in your php.ini

p.s. I think your german and my english are on equal terms. As long as you can bear it, I'd prefer to stay on english ;)

Posted: Mon Jul 01, 2002 3:39 pm
by allevon
:lol: Maybe your right about the Eng/Ger. anyway, I just gave that all a shot and nope, nien, nicht. I still got the error. See I checked alot of this out before coming to you guys so thats why I know this one is unusual. I know its something stupid, could it be in the lower section of this since the header was called on the admin.php file?:

Code: Select all

function init_session ($name) 
&#123;
	setcookie ("authok", $name ,time()+3600, "/", '', 0);	
&#125;

function kill_session() 
&#123;
	setcookie ("authok", "",time()-3600, "/", '', 0);
&#125;

function verify_session ($md5) 
&#123;
	$ModName = basename(dirname(__FILE__));
	include("./modules/$ModName/config.php");
	mysql_connect($hostname, $user, $pass) or die("Could not connect");
	mysql_select_db($database) or die("Could not select database");
	$result = mysql_query("SELECT * FROM &#123;$prefix&#125;_jobaccounts WHERE md5='$md5'");
	$row_array = mysql_fetch_array($result);
	if ($row_array&#1111;0] != "")
	&#123;
		return $row_array&#1111;0];
	&#125;
	else
	&#123;
		return "FALSE";
	&#125;
&#125;
function redirect ($url) 
&#123;
	echo "<SCRIPT LANGUAGE='JavaScript'>";
	echo "document.location.href='$url'";
	echo "</SCRIPT>";
	exit;
&#125;
?>

Posted: Mon Jul 01, 2002 5:18 pm
by volka
wreid - even output buffering doesn't work.
There must be something in authenticate.php at line 2 that causes output. At least php thinks so ;)

Told ya it was wierd.

Posted: Mon Jul 01, 2002 5:25 pm
by allevon
Thats my sentiments exactly, so here is the entire script for the authenticate.php file:

Code: Select all

<META http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<?

//goes to this file after you login to check if you are a valid user
include("config.php");
include("functions.php");

if ($logout == "true")
&#123;
	kill_session($hostname);
	redirect($login_success);
&#125;
else
&#123;
	$link = mysql_connect($hostname, $user, $pass) or die("Could not connect");
	mysql_select_db($database) or die("Could not select database");
		$result = mysql_query("SELECT * FROM &#123;$prefix&#125;_jobaccounts WHERE user='$UserName'");
 		$row_array = mysql_fetch_array($result);
		if ($row_array&#1111;0] == "")
		&#123;
			redirect("$redirect_error&error=7");
		&#125;
		else
		&#123;
			$Password = substr(md5("phpcryptcamp".$Password),0,10);
			if ($Password != $row_array&#1111;1])
			&#123;
				redirect("$redirect_error&error=8");
			&#125;
			else
			&#123;
				init_session($row_array&#1111;3]);
				mysql_query("UPDATE &#123;$prefix&#125;_jobaccounts SET count=count+1 WHERE &#123;$prefix&#125;_jobaccounts.user = '$UserName'");
				redirect($login_success);
			&#125;
		&#125;
&#125;

?>



I have frustration blindness, so no errors appear to me in the script. For me, its an Enigma! :?

Posted: Mon Jul 01, 2002 7:41 pm
by volka

<META http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
that's output.
even

Code: Select all

<?php ...
(a carriage-return before <?php) would be.
Everything you can see and/or select, when you open "view-source" in your browser, is output.

Posted: Mon Jul 01, 2002 8:05 pm
by allevon
Hey Volka,

Ok took everything up until the <? out and still got it, except the line number changed for the error, thats because of the deleted data. But the error hasn't changed. See why Im baffled. BUT, I garuntee everyone, once we solve this, Im sure well all never forget it. :)

Posted: Tue Jul 02, 2002 6:57 am
by volka
will be much faster if you tell us the name of the module.
See, we found just one line of output the last day. If there are a few tens.......

Posted: Tue Jul 02, 2002 7:32 am
by allevon
Oh A duh!!! :roll: Yes Im retarded to completely forget about that. Its called phprofession. Its an employment module originally designed for PostNuke, but a version for phpNuke has been created. To see it in action heres the link to the website along with download links.

http://www.phpsolutions.co.uk

As a reminder, I use PhpNuke.
Sorry about that Volka. My brain has been fried pretty bad from this. I dreamed in code all night last night, :lol:

Posted: Tue Jul 02, 2002 10:40 am
by volka
hmmm...I know you don't want to hear it, but I just downloaded phpnuke5.6 (wahhhhh.....had to turn register_globals on :( ) and installed phprofession2.4PL-beta (also I blew it the first time. sorry config.php, haven't installed nuke in document-root ;) ) and it's working as far as I can see.
It floods my apache error.log with php-notices but not with header-information problems.

But the javascripts make my InterDev wimmering. To enter the responsibilities is nearly impossible because on any char typed an error-message pops up ;(

Posted: Tue Jul 02, 2002 11:44 am
by allevon
Volka,

I just got the answer. chatted with the developer, it was the stupid line:

Code: Select all

<META http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
Needed to be removed from ALL files.

I knew this was going to be a dumb answer, but that was the solution. Im sorry to hear that you had a rough time with 5.6. Supposedly it was better than 5.5, i use 5.5. Been working like a charm.