Page 1 of 1

I am really stuck with this headers error

Posted: Thu Dec 01, 2011 8:53 pm
by Instinks
Hello Everyone,
I am sorry to bother you all, but I have been desperately trying to figure this out. I have been developing on my localhost on my laptop without any problems. However, as soon as I transferred the site over to my main machine and tried running it there, I keep turning up with the following error.

The following code (login.php) is an include file that is included at the top of every page if the user is not logged in. IF the form has been submitted, it runs a few checks (as you will see) and then refreshes the page, either logging the user in or returning an error message for three seconds and eventually refreshing the page. If the form has not been submitted, it simply passes over all of the PHP code and displays the form.

The error that I am getting is the following:
Warning: Cannot modify header information - headers already sent by (output started at C:\xampplite\htdocs\aurora_blue\index.php:49) in C:\xampplite\htdocs\aurora_blue\login.php on line 44
Warning: Cannot modify header information - headers already sent by (output started at C:\xampplite\htdocs\aurora_blue\index.php:49) in C:\xampplite\htdocs\aurora_blue\login.php on line 45
Warning: Cannot modify header information - headers already sent by (output started at C:\xampplite\htdocs\aurora_blue\index.php:49) in C:\xampplite\htdocs\aurora_blue\login.php on line 47

I have tried the following with no success:
--Moving the header command prior to setting the cookies
--Using echo meta refresh
--checked for any unnecessary whitespace in both the index file and the login.php include file.

Code: Select all

<?php 
$redirect = $_SERVER['REQUEST_URI'];

// connect
require_once('connections/team_engine.php');
mysql_select_db($database_team_engine, $team_engine) or die(mysql_error());

//Checks to see if the login form has been submitted
if (isset($_POST['username_login'])) { // if form has been submitted
// makes sure they filled it in
if(!$_POST['username_login'] | !$_POST['password']) {
	echo "<span class=\"regular_red_12\">You did not fill in all the fields. You can try again in three seconds.</span>";
	header("Refresh: 3 URL=". $redirect);
}
// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST['username_login'] = addslashes($_POST['username_login']);
}
$check = mysql_query("SELECT * FROM tbl_user WHERE user_name = '".$_POST['username_login']."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
	echo "<span class=\"regular_red_12\">This username does not exist. You can try again in three seconds.</span>";
	header("Refresh: 3 URL=". $redirect);
}

while($info = mysql_fetch_array( $check )) 	
{
$_POST['password'] = stripslashes($_POST['password']);
$info['user_password'] = stripslashes($info['user_password']);
$_POST['password'] = base64_encode($_POST['password']);
//gives error if the password is wrong
if ($_POST['password'] != $info['user_password']) {
	echo "<span class=\"regular_red_12\">This is an incorrect password. You can try again in three seconds.</span>";
	header("Refresh: 3 URL=". $redirect);
}
else 
{
// if login is ok then we add a cookie
$_POST['username_login'] = stripslashes($_POST['username_login']); 
$hour = time() + 3600; 
setcookie(username_cookie, $_POST['username_login'], $hour); 
setcookie(password_cookie, $_POST['password'], $hour);	 
//then refreshes the page so that they see the member area and not the login area. 
header('Location: ' . $redirect); 	
} 
} 
} 









// if the form hasn't been submitted and they are not logged in.  
else 
{	 
?>
<form action="<?php echo $redirect?>" method="post"> 
<table width="250" border="0" cellpadding="0"> 
<tr>
  <td width="87" align="center" class="regular_white_12">username:</td>
  <td width="157" align="right"> 
  <input name="username_login" type="text" size="25" maxlength="40"> 
</td></tr> 
<tr>
  <td align="center" class="regular_white_12">password:</td>
  <td align="right"> 
  <input name="password" type="password" size="25" maxlength="50"> 
</td></tr> 
</table>
<table width="250" border="0" cellpadding="1">
  <tr>
    <td width="159" align="left"><a href="register.php" class="orangelink">register</a><span class="regular_white_12"> | </span><a href="forgot_password.php" class="orangelink">password</a></td>
    <td width="85" align="right"><input type="submit" name="submit" value="Login"></td>
  </tr>
</table>
</form> 
<?php 
} 
?>

Re: I am really stuck with this headers error

Posted: Thu Dec 01, 2011 10:30 pm
by Eric!
Instinks wrote: I have tried the following with no success:
--checked for any unnecessary whitespace in both the index file and the login.php include file.
What about team_engine.php?

Re: I am really stuck with this headers error

Posted: Thu Dec 01, 2011 10:36 pm
by anthony.zhan
Maybe try this:
First put echo string after header.
Second add "exit()" at the end of every "refresh".

This will make sure that the function "header" will not execute twice at each request.

Re: I am really stuck with this headers error

Posted: Thu Dec 01, 2011 11:14 pm
by Instinks
Thank you both for your responses:
Eric! wrote:
Instinks wrote: I have tried the following with no success:
--checked for any unnecessary whitespace in both the index file and the login.php include file.
What about team_engine.php?
I hadn't checked this originally, but just did so and there was no whitespace.
anthony.zhan wrote:Maybe try this:
First put echo string after header.
Second add "exit()" at the end of every "refresh".

This will make sure that the function "header" will not execute twice at each request.
I have done this as well, still no luck.
You don't think that this could be related to something in the index file? I checked the line number in reference of the index file and the only thing on that line is "<?php"

New code after suggestions:

Code: Select all

<link href="css/text.css" rel="stylesheet" type="text/css">
<link href="css/form_login.css" rel="stylesheet" type="text/css">
<?php
$redirect = $_SERVER['REQUEST_URI'];

// connect
require_once('connections/team_engine.php');
mysql_select_db($database_team_engine, $team_engine) or die(mysql_error());

//Checks to see if the login form has been submitted
if (isset($_POST['username_login'])) { // if form has been submitted
// makes sure they filled it in
if(!$_POST['username_login'] | !$_POST['password']) {
	header("Refresh: 3 URL=". $redirect);
	echo "<span class=\"regular_red_12\">You did not fill in all the fields. You can try again in three seconds.</span>";
	exit();
}
// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST['username_login'] = addslashes($_POST['username_login']);
}
$check = mysql_query("SELECT * FROM tbl_user WHERE user_name = '".$_POST['username_login']."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
	header("Refresh: 3 URL=". $redirect);
	echo "<span class=\"regular_red_12\">This username does not exist. You can try again in three seconds.</span>";
	exit();
}

while($info = mysql_fetch_array( $check )) 	
{
$_POST['password'] = stripslashes($_POST['password']);
$info['user_password'] = stripslashes($info['user_password']);
$_POST['password'] = base64_encode($_POST['password']);
//gives error if the password is wrong
if ($_POST['password'] != $info['user_password']) {
	header("Refresh: 3 URL=". $redirect);
	echo "<span class=\"regular_red_12\">This is an incorrect password. You can try again in three seconds.</span>";
	exit();
}
else 
{
//then refreshes the page so that they see the member area and not the login area. 
header('Location: ' . $redirect);
// if login is ok then we add a cookie
$_POST['username_login'] = stripslashes($_POST['username_login']); 
$hour = time() + 3600; 
setcookie(username_cookie, $_POST['username_login'], $hour); 
setcookie(password_cookie, $_POST['password'], $hour);	 
exit();
} 
} 
} 









// if the form hasn't been submitted and they are not logged in.  
else 
{	 
?>
<form action="<?php echo $redirect?>" method="post"> 
<table width="250" border="0" cellpadding="0"> 
<tr>
  <td width="87" align="center" class="regular_white_12">username:</td>
  <td width="157" align="right"> 
  <input name="username_login" type="text" size="25" maxlength="40"> 
</td></tr> 
<tr>
  <td align="center" class="regular_white_12">password:</td>
  <td align="right"> 
  <input name="password" type="password" size="25" maxlength="50"> 
</td></tr> 
</table>
<table width="250" border="0" cellpadding="1">
  <tr>
    <td width="159" align="left"><a href="register.php" class="orangelink">register</a><span class="regular_white_12"> | </span><a href="forgot_password.php" class="orangelink">password</a></td>
    <td width="85" align="right"><input type="submit" name="submit" value="Login"></td>
  </tr>
</table>
</form> 
<?php
} 
?>

Re: I am really stuck with this headers error

Posted: Thu Dec 01, 2011 11:26 pm
by anthony.zhan
Warning: Cannot modify header information - headers already sent by (output started at C:\xampplite\htdocs\aurora_blue\index.php:49) in C:\xampplite\htdocs\aurora_blue\login.php on line 44

What about the file "C:\xampplite\htdocs\aurora_blue\index.php"?
did you include the login.php at the begin of the index.php?

Re: I am really stuck with this headers error

Posted: Sat Dec 03, 2011 12:16 pm
by Instinks
anthony.zhan wrote:Warning: Cannot modify header information - headers already sent by (output started at C:\xampplite\htdocs\aurora_blue\index.php:49) in C:\xampplite\htdocs\aurora_blue\login.php on line 44

What about the file "C:\xampplite\htdocs\aurora_blue\index.php"?
did you include the login.php at the begin of the index.php?
Thanks for your help. After struggling with this a bit more, your response helped me solve the problem.

For anyone who is experience similar difficulties, this was the issue:
Like the header() function, the setcookie() function must be placed before any HTML output.
Although the setcookie() function in the login file above was before any output, the login file was included in the index file after HTML output.
In order to fix this issue, I had to place this login file at the top of every page before any HTML.