Challenge/Response Secure Login Process - Warning: session_s

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
gf05856
Forum Newbie
Posts: 16
Joined: Sat Sep 02, 2006 11:17 am
Location: Belgium

Challenge/Response Secure Login Process - Warning: session_s

Post by gf05856 »

Dear,

I am trying to get the tutorial "Challenge/Response Secure Login Process" to work on my shared hosting on php5/mysql but get the following error when filling out the login form on the index page with userid: devnetwork & password:

Code: Select all

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/content/XXXXXXXX/html/login/login.php:1) in /home/content/XXXXXXX/html/login/login.php on line 5

Warning: Cannot modify header information - headers already sent by (output started at /home/content/XXXXXXX/html/login/login.php:1) in /home/content/XXXXXXXX/html/login/login.php on line 103
These are lines 5 & 103

Code: Select all

1 <?php
2/*
3    Start the PHP Session
4*/
5session_start();
6/*
7   Connect to database, and some table (say mytestdatabase)
8    Edit for your own credentials...
9*/
10$conn = mysql_connect('hostname', 'username', 'password') or die('Database is down for maintenance at the moment');
11mysql_select_db('database', $conn) or die ('Can\'t access any tables at the moment : ' . mysql_error());
...
...

99if($_POST['response'] == $expected_response)
100{
101    $_SESSION['authenticated'] = 1;
102    $_SESSION['userid'] = $user['userid'];
103    header('Location: hello.php');
I am using the downloaded code at the bottom of the tutorial.

Thanks!

I see that my host also supports sha512/php5 - where do I change the code to just use the build in php function instead of the SHA256 static class for PHP4 - which maybe also the reason why it's not working under php5 although I have read somewhere here I think that it should work ... anyway I see a record being added to the challenge database every time I "login"
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

Is there a blank or BOM before <?php on line 1?
It's send as-it to the client making it impossible to send additional http headers like those for session handling.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

It would appear you have a space or some other character data before the opening <?php.

viewtopic.php?t=1157
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

Dreamweaver anyone? :)
gf05856
Forum Newbie
Posts: 16
Joined: Sat Sep 02, 2006 11:17 am
Location: Belgium

Post by gf05856 »

yep, sorry to have wasted your time!

Maybe somebody can adjust the download file's as there seem to be a space before the <php ... in the login.php included in the zip file

Thanks !
Post Reply