Page 1 of 1

Cant modify header information

Posted: Mon Jan 24, 2005 7:04 pm
by HexKrak
I've been working on a login script which follows:

Code: Select all

<?
$db = mysql_connect("host", "login", "pass") or die('Could not connect: ' . mysql_error());
mysql_select_db("database") or die("Could not select database");
$query = "SELECT * FROM userbase where Uname = '$_POST&#1111;uname]' AND pword = '$_POST&#1111;pword]'";
$result = mysql_query($query);

if (mysql_fetch_row($result))
   &#123;
   echo "access granted";
   mysql_free_result($result) or die('Cant free it');
   mysql_close($db) or die('Cant close it');
   session_start();
     header("Cache-control: private");
     $_SESSION&#1111;"access"] = "granted";
     header("Location: http://www.domain.com/secure.php");
     exit;
   &#125;else&#123;
   echo "access denied";

   header("Location: /index.html");
   exit;
   &#125;
 ?>
The error I keep getting is:

Code: Select all

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /srv/www/htdocs/checkpw.php:2) in /srv/www/htdocs/checkpw.php on line 13

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /srv/www/htdocs/checkpw.php:2) in /srv/www/htdocs/checkpw.php on line 13

Warning: Cannot modify header information - headers already sent by (output started at /srv/www/htdocs/checkpw.php:2) in /srv/www/htdocs/checkpw.php on line 14

Warning: Cannot modify header information - headers already sent by (output started at /srv/www/htdocs/checkpw.php:2) in /srv/www/htdocs/checkpw.php on line 16
I've checked php.net docs, and codewalkers, and everywhere else I could think of, and now I'm looking for another human brain to take a peek at it, cuz its driving me bonkers.
Things I've tryed include putting the session_start() at the very top, session_cache_limiter(), and other various header() commands to attempt to prevent the default headders.

Posted: Mon Jan 24, 2005 7:17 pm
by rehfeld
looks like you have a new line before your opening <?php tag

make sure <?php is the absolute first thing in the file

php tells you that output started on line 2, but the session_start() error is on line 13.

counting back from line 13, there is no line 2, so i can tell that there is something before the <?php

Posted: Mon Jan 24, 2005 7:36 pm
by feyd

Posted: Mon Jan 24, 2005 7:37 pm
by HexKrak
Well line 1 was <html>, but now its <?php and it says the problem originates from there. So for some reason <?php is sending unalterable header information. Could this have something to do with the webserver? I've checked the phpinfo(), and I havent found anything that looks like it would cause such a problem, but I am very new to php so I could be overlooking something.

Posted: Mon Jan 24, 2005 7:59 pm
by HexKrak
THanks for the great link, however even with ob_start(); and putting a header in directly afterwords I still have the same problem.
I'll read thru the linked post a few more times and see if I cant figure out what I'm doing wrong, but it seems that the <? is actualy sending header info, which I believe would have something to do with the server, and I'll look into that a bit deeper now that I have a better Idea of what I'm looking for.

Or not, I ran a script that was just the header coming from the post form, and coming from nothing, and they both worked. However in this script no matter where I put a header I get the same error. I even tried putting a header("Location: ./index.html"); at the very begining and it gave me the same problem.

Posted: Mon Jan 24, 2005 8:20 pm
by d3ad1ysp0rk

Code: Select all

<?php
session_start();
$db = mysql_connect("host", "login", "pass") or die('Could not connect: ' . mysql_error());
mysql_select_db("database") or die("Could not select database");
$query = "SELECT * FROM userbase where Uname = '$_POST&#1111;uname]' AND pword = '$_POST&#1111;pword]'";
$result = mysql_query($query);

if (mysql_fetch_row($result))
&#123;
   mysql_free_result($result) or die('Cant free it');
   mysql_close($db) or die('Cant close it');

     header("Cache-control: private");
     $_SESSION&#1111;"access"] = "granted";
     header("Location: http://www.domain.com/secure.php");
     exit;
&#125;
else 
&#123;
   header("Location: /index.html");
   exit;
&#125;
 ?>
If you want to let the user know it didnt work AND redirect to a different page, you'll need to do one of two things.
  • *Use a meta refresh to first display the message (confirm or deny access) THEN redirect after x amount of seconds
    *Use a error tracking system. Maybe redirect to index.php?e=1 instead of index.html, and have that file check if an error exists, and if so, display the certain message.

Posted: Mon Jan 24, 2005 8:31 pm
by HexKrak
Holy hell, the problem was one single space before the <?php. I love this language, but damn! Thanks for the help, and as far as the deny scripting goes thanks also, because that'll definatly come in handy.