Having a hard time creating sessions In PHP?
Moderator: General Moderators
Having a hard time creating sessions In PHP?
Hi,
I'm new to this forum. They is my first post and I'm currently learning how to code via youtube videos!
I'm trying to create a session_start(); for my website. Every time I login I'm getting a nasty error message and not sure why.
Would you guys happen to know what I'm doing wrong? I don't think I'm mistyping session_start(); incorrectly. Do I need to declare something in the session? I'm confused ......
Thanks everyone in advance!
http://whatsmyowncarworth.com/login/login.php
User info
username = alex
password = abc
username = kyle
password = 123
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Error message
"Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/bvghy/public_html/whatsmyowncarworth.com/login/login2.php:8) in /home/bvghy/public_html/whatsmyowncarworth.com/login/login2.php on line 10
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/bvghy/public_html/whatsmyowncarworth.com/login/login2.php:8) in /home/bvghy/public_html/whatsmyowncarworth.com/login/login2.php on line 10"
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
login2.php page = php code
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
if ($username&&$password)
{
$connect = mysql_connect("localhost","bvghy_bvghy","mypassword") or die("Counldn't Connect!");
mysql_select_db("bvghy_phplogin") or die("Counldn't Connect to DB");
$query = mysql_query("SELECT id, username, password FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if ($numrows!=0)
{
// code to login
// The $row is a varialbe of mysql_fetch_assoc. The $row fetches the the above query. $dbusername and $dbpassword are varialbes of $row['username']; and $row['password'];
// the 'username' and 'password' are references to the rows in the MySql database
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
// check to see if they match!
if ($username==$dbusername&&$password==$dbpassword)
{
echo "Your in! <a href='member.php'>Click</a> here to enter the member page";
$_SESSION['username']=$dbusername;
}
else
echo "Incorrect password!";
}
else
die("That user dosen't exist!");
I'm new to this forum. They is my first post and I'm currently learning how to code via youtube videos!
I'm trying to create a session_start(); for my website. Every time I login I'm getting a nasty error message and not sure why.
Would you guys happen to know what I'm doing wrong? I don't think I'm mistyping session_start(); incorrectly. Do I need to declare something in the session? I'm confused ......
Thanks everyone in advance!
http://whatsmyowncarworth.com/login/login.php
User info
username = alex
password = abc
username = kyle
password = 123
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Error message
"Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/bvghy/public_html/whatsmyowncarworth.com/login/login2.php:8) in /home/bvghy/public_html/whatsmyowncarworth.com/login/login2.php on line 10
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/bvghy/public_html/whatsmyowncarworth.com/login/login2.php:8) in /home/bvghy/public_html/whatsmyowncarworth.com/login/login2.php on line 10"
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
login2.php page = php code
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
if ($username&&$password)
{
$connect = mysql_connect("localhost","bvghy_bvghy","mypassword") or die("Counldn't Connect!");
mysql_select_db("bvghy_phplogin") or die("Counldn't Connect to DB");
$query = mysql_query("SELECT id, username, password FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if ($numrows!=0)
{
// code to login
// The $row is a varialbe of mysql_fetch_assoc. The $row fetches the the above query. $dbusername and $dbpassword are varialbes of $row['username']; and $row['password'];
// the 'username' and 'password' are references to the rows in the MySql database
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
// check to see if they match!
if ($username==$dbusername&&$password==$dbpassword)
{
echo "Your in! <a href='member.php'>Click</a> here to enter the member page";
$_SESSION['username']=$dbusername;
}
else
echo "Incorrect password!";
}
else
die("That user dosen't exist!");
Re: Having a hard time creating sessions In PHP?
You cannot use functions like session_start() and header() if anything has been outputted. Whatever is on line 8 in login2.php outputted something. Either get rid of it or move the session_start() to the beginning of the file. Similarly, you can't have anything before the opening <?php tag.Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/bvghy/public_html/whatsmyowncarworth.com/login/login2.php:8) in /home/bvghy/public_html/whatsmyowncarworth.com/login/login2.php on line 10
Re: Having a hard time creating sessions In PHP?
Hi requinix,
I appreciate the response. When I remove the session_start(); it works but I'm not creating a session. I was watching this video and the instructor creates a session and it's working. I know the video is three years old but I'm assuming it should still be valid?
20 Secs. into the video
http://www.youtube.com/watch?v=0dq5Sj9j ... 3942AC8E40
Thanks everyone
I appreciate the response. When I remove the session_start(); it works but I'm not creating a session. I was watching this video and the instructor creates a session and it's working. I know the video is three years old but I'm assuming it should still be valid?
20 Secs. into the video
http://www.youtube.com/watch?v=0dq5Sj9j ... 3942AC8E40
Thanks everyone
Re: Having a hard time creating sessions In PHP?
I would not recommend that video tutorial to anyone. Just saying.
Part 1:
- Invalid HTML
- No uniqueness constraint on the username. Might be intentional? But then no uniqueness on the username+password
- Stores cleartext passwords
- The "form is empty" condition he has will reject "0" as a username or password (because "0"==false). I'll ignore the undefined index possibility
- Connects to the database as root
- ...which doesn't have a password
- die() is not the best function. Practically never is. Technically it's not a function either
Part 2:
- SQL injection
- Login scripts should never say whether a username exists or not
- Uses the while loop for multiple rows (there could be with his design) but the rest of the code pretends there's only ever one row
- $username always == $dbusername. It was right there in the query
Part 3:
- Tries to use start_session(). Really? Please
- "Click here" is poor design
- Doesn't realize his == mistake until much later. I feel like I'm watching over a guy's shoulder as he codes some new feature, not a video tutorial
- Is obviously developing with warnings and notices hidden, otherwise he would have seen an "undefined index" warning in member.php
- The thing about having sessions active after the browser restarts is wrong. It depends on the PHP setup and rarely ever does that
- Undefined index on $_SESSION["username"]. Again, would have seen that
Back on topic.
You need the session_start(). But it has to be executed before anything is outputted, like error messages or HTML or even whitespace before the <?php tag.
So what are the contents of login2.php from the very beginning of the file up until line, let's say, 15?
Part 1:
- Invalid HTML
- No uniqueness constraint on the username. Might be intentional? But then no uniqueness on the username+password
- Stores cleartext passwords
- The "form is empty" condition he has will reject "0" as a username or password (because "0"==false). I'll ignore the undefined index possibility
- Connects to the database as root
- ...which doesn't have a password
- die() is not the best function. Practically never is. Technically it's not a function either
Part 2:
- SQL injection
- Login scripts should never say whether a username exists or not
- Uses the while loop for multiple rows (there could be with his design) but the rest of the code pretends there's only ever one row
- $username always == $dbusername. It was right there in the query
Part 3:
- Tries to use start_session(). Really? Please
- "Click here" is poor design
- Doesn't realize his == mistake until much later. I feel like I'm watching over a guy's shoulder as he codes some new feature, not a video tutorial
- Is obviously developing with warnings and notices hidden, otherwise he would have seen an "undefined index" warning in member.php
- The thing about having sessions active after the browser restarts is wrong. It depends on the PHP setup and rarely ever does that
- Undefined index on $_SESSION["username"]. Again, would have seen that
Back on topic.
You need the session_start(). But it has to be executed before anything is outputted, like error messages or HTML or even whitespace before the <?php tag.
So what are the contents of login2.php from the very beginning of the file up until line, let's say, 15?
Re: Having a hard time creating sessions In PHP?
Hi Requinix,
I appreciate the detailed response. Below is the php code and HTML code for the pages login.php, login2.php and member.php
Below is the code. Thanks again for the help!
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
This is the login.php
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
This is the login2.php / html - php code
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
member.php / php - HTML code
I appreciate the detailed response. Below is the php code and HTML code for the pages login.php, login2.php and member.php
This is up until line 15So what are the contents of login2.php from the very beginning of the file up until line, let's say, 15?
Code: Select all
<html>
<head>
<title>Login2</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
if ($username&&$password) <<----- Line 15Are you saying I need to have the <?php?> above the HTML? like this .....You need the session_start(). But it has to be executed before anything is outputted, like error messages or HTML or even whitespace before the <?php tag.
Code: Select all
<?php
session_start()
?>
<html>
<head>
<title>Login2</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">Would you happen to know of any quality tutorials either on youtube or the internet?I would not recommend that video tutorial to anyone. Just saying.
Below is the code. Thanks again for the help!
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
This is the login.php
Code: Select all
<html>
<head>
<title>Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<form action="login2.php" method="post">
Username:<input type="text" name="username"><br>
Password:<input type="password" name="password"><br>
<input type="submit" name="Login In">
</form>
<hr>
<p>This is the next <a href="http://whatsmyowncarworth.com/Foreach.php">Foreach</a></p>
</body>
</html>This is the login2.php / html - php code
Code: Select all
<html>
<head>
<title>Login2</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
if ($username&&$password)
{
$connect = mysql_connect("localhost","myaccount","mypassword") or die("Counldn't Connect!");
mysql_select_db("phplogin") or die("Counldn't Connect to DB");
$query = mysql_query("SELECT id, username, password FROM users WHERE username='$username'");
$numrows = mysql_num_rows($query);
if ($numrows!=0)
{
// code to login
// The $row is a varialbe of mysql_fetch_assoc. The $row fetches the the above query. $dbusername and $dbpassword are varialbes of $row['username']; and $row['password'];
// the 'username' and 'password' are references to the rows in the MySql database
while ($row = mysql_fetch_assoc($query))
{
$dbusername = $row['username'];
$dbpassword = $row['password'];
}
// check to see if they match!
if ($username==$dbusername&&$password==$dbpassword)
{
echo "Your in! <a href='member.php'>Click</a> here to enter the member page";
$_SESSION['username'] = $username;
}
else
echo "Incorrect password!";
}
else
die("That user dosen't exist!");
}
else
die("Please enter a username and a password!");
?>
</body>
</html>
member.php / php - HTML code
Code: Select all
<html>
<head>
<title>Member</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<?php
session_start();
echo "Welcome, ".$_SESSION['username']."!";
?>
</body>
</html>Re: Having a hard time creating sessions In PHP?
Yes. Exactly that.mcc_shane wrote:Are you saying I need to have the <?php?> above the HTML? like this .....You need the session_start(). But it has to be executed before anything is outputted, like error messages or HTML or even whitespace before the <?php tag.
Code: Select all
<?php session_start() ?> <html> <head> <title>Login2</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> </head> <body bgcolor="#FFFFFF" text="#000000">
Not really. I don't learn like that so I've not personally seen any I could recommend.mcc_shane wrote:Would you happen to know of any quality tutorials either on youtube or the internet?I would not recommend that video tutorial to anyone. Just saying.
Search on forums (via Google or not) for tutorials: actual tutorials or just recommendations. Did you know that PHP DN has a tutorials forum? There's even a LOGIN & REGISTRATION Script Tutorial in there.
Re: Having a hard time creating sessions In PHP?
Just thought I'd add that you're getting expert advice from requinix, and that my observation of many of these "tutorial" videos is that they are often made by people who (1) really don't know what they are doing, and (2) are not skilled in presenting logical instruction. There might be a few useful ones out there, but the majority of them suck! I too would not recommend them to anyone trying to learn PHP or other programming skills (unless someone finds one that is actually good, which I haven't found). Some of the serious online tutorials are pretty good (the non-video ones) and of course there are good books.
Re: Having a hard time creating sessions In PHP?
Thanks requinix and califdon for your help. I appreciate guys!
requinix, appreciate the tutorials as well! and tip! It worked!
requinix, appreciate the tutorials as well! and tip! It worked!