Page 1 of 1

session/cookie wrapper class

Posted: Thu May 17, 2007 4:41 pm
by GeXus
I'm doing a wrapper class for handling sessions and cookies... but i'm getting an error 'headers already sent' and not quite sure why...

Code: Select all

Class Security {

/**
 * set() - Sets a session and cookie
 * get() - Tries to get session, if it's not available, tries to get cookie
 * encode() - encodes the session value 
 * decode() - decodes the session value
 * __destruct - Destroys both sessions and cookies
 */


function __construct(){
if(!isset($_SESSION)) session_start();
}

function __destruct(){

	session_unset();
	session_destroy();
	if(isset($_COOKIE)){
		
		foreach($_COOKIE as $key => $cookie){
			
			setcookie($key, "", time() - 3600);
		}
		
	}
	
	
}


public function set($name, $value, $cookie = null){


	$this->name = $name;
	$this->value = $value;
	$this->cookie = $cookie;

	
	$_SESSION[$this->name] = $this->encode($this->value);
	
	if(!is_null($this->cookie)){

		setcookie($this->name, $this->encode($this->value));
	}

}




public function get($name){

	$this->name = $name;
	
	if(isset($_SESSION[$this->name])){
		
		return $this->decode($_SESSION[$this->name]);

	}elseif(isset($_COOKIE[$this->name])){

		return $this->decode($_COOKIE[$this->name]);

	}else{

		return false;
	}

}

private function encode($value){


	return base64_encode($value);

}

private function decode($value){

	return base64_decode($value);

}

}

Code: Select all

$security = new Security();

$security->set('test','123');

echo $security->get('test');
The error is on line 27 which is

Code: Select all

setcookie($key, "", time() - 3600);

Posted: Thu May 17, 2007 4:52 pm
by nickvd

Posted: Thu May 17, 2007 4:55 pm
by GeXus
So does setcookie write to the headers?

Posted: Thu May 17, 2007 4:59 pm
by nickvd
An extra blank line on ANY FILE included prior to the file throwing the error can cause it...


This question is asked AT LEAST 5 times a day....



SEARCH

Posted: Thu May 17, 2007 5:01 pm
by GeXus
nickvd wrote:An extra blank line on ANY FILE included prior to the file throwing the error can cause it...


This question is asked AT LEAST 5 times a day....



SEARCH
Yes, and that is not the problem.

Posted: Thu May 17, 2007 5:07 pm
by nickvd
So you're not getting the "Headers already sent" problem?

Posted: Thu May 17, 2007 5:17 pm
by GeXus
Yes, but it's not related to spacing... it was specifically due to the setcookie causing the problem, which I did not know sent to the headers.. so I simply added @ before it.

Posted: Thu May 17, 2007 5:25 pm
by nickvd
setcookie does set headers, but does not send them the instant you use the function..

pre-pending with the 'at' symbol only suppresses any output generated by the function call, it wont stop it from setting headers (as that is it's purpose)...

As long as you call setcookie BEFORE sending any output you won't encounter the problem.

Posted: Thu May 17, 2007 6:00 pm
by RobertGonzalez
I have offered this advice in the past, so I will offer it again:

Do not shut up errors in your code, fix your code to not throw errors.

Headers already sent means you sent output to the browser before calling a function that sends response headers. Namely, session_start(), header() and setcookie(). Whenever you use these functions make sure to do so before ever sending any output or you will get headers already sent messages.

Making the error not squawk is not the same as fixing the error in your code. At least not in this case.