Page 1 of 1

headers already sent - please explain

Posted: Tue Mar 29, 2011 5:51 pm
by miramichiphoto
1. I'm a newb
2. Can someone please explain what it means when you get an error saying headers are already sent (theory please). I am trying to use a function to verify if a user has access to a certain page.
3. Most of my pages start like this:

Code: Select all

<?php require_once("includes/session.php"); ?>
<?php require_once("includes/connection.php"); ?>
<?php require_once("includes/functions.php"); ?>
<?php //if I comment out this line , no error
confirm_logged_in("contributor"); ?>
<?php include("includes/header.php"); ?>
4. These are the two functions that confirm and then redirect if needed:

Code: Select all


function confirm_logged_in($x) //gets called from session.php - see above
	{
		
		$query = "select `admin` from `users` where `user_id` = '".$_SESSION['user_id']."'";
		$result = mysql_query($query, $connection) or die(mysql_error());
		
		if(mysql_num_rows($result)==0  ||  admin != $x)
		{
  		redirect_to("index.php");
		}
	}


function redirect_to( $location = NULL ) { // gets called from functions.php - see above
		if ($location != NULL) {
			header("Location: {$location}");
			exit;
		}
	}
5. Thank you (again)

Re: headers already sent - please explain

Posted: Tue Mar 29, 2011 6:28 pm
by miramichiphoto
I should also mention this code works as log as the user is correct. If the user is incorrect for the page, I get the headers error

Re: headers already sent - please explain

Posted: Tue Mar 29, 2011 6:59 pm
by califdon
The way the HTTP protocol works is this:

A client (browser) sends a request to a server somewhere on the Internet, typically requesting a web page to be returned. The server receives the request and, if it can find the document requested, sends it back to the client. Actually, the server first sends one or more headers, to instruct the browser what kind of data will be sent, or other information; the human user never sees these headers. If the document is a script file, such as .php or .asp, the server may perform other operations before sending the document, such as validating that the requester is authorized to receive that document. OK, so far? Here is where your issue comes in. Once headers have been sent and even one byte of data has been sent, no other headers can be sent, because the browser has switched into data mode and wouldn't understand the headers. So you have to arrange your scripts so that any decisions that might require sending a header (such as a redirect header) are made before your script sends anything to the browser! Even having a blank line in your script that is outside PHP tags would constitute data that would prevent you from sending headers.