Newb Question on Login
Posted: Sat Mar 15, 2008 6:55 pm
Hi I'm following the login script tutorial here:
http://www.phpeasystep.com/workshopview.php?id=6
When I enter an incorrect login it works fine. When I enter the correct username and password, it throws these errors:
Warning: session_register(): Cannot send session cookie - headers already sent by (output started at /home/content/r/i/c/rich1949/html/menkenj/checklogin.php:10) in /home/content/r/i/c/rich1949/html/menkenj/checklogin.php on line 41
Warning: session_register(): Cannot send session cache limiter - headers already sent (output started at /home/content/r/i/c/rich1949/html/menkenj/checklogin.php:10) in /home/content/r/i/c/rich1949/html/menkenj/checklogin.php on line 41
Warning: Cannot modify header information - headers already sent by (output started at /home/content/r/i/c/rich1949/html/menkenj/checklogin.php:10) in /home/content/r/i/c/rich1949/html/menkenj/checklogin.php on line 43
Can anyone tell me what I'm doing wrong? I created the tables and followed the instructions explicitly.
My code is below. Thanks.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Check Login Page</title>
</head>
<body>
<?php
ob_start();
// include configuration file
include('config.php');
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$user", "$pass")or die("cannot connect");
mysql_select_db("$db")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>
</body>
</html>
http://www.phpeasystep.com/workshopview.php?id=6
When I enter an incorrect login it works fine. When I enter the correct username and password, it throws these errors:
Warning: session_register(): Cannot send session cookie - headers already sent by (output started at /home/content/r/i/c/rich1949/html/menkenj/checklogin.php:10) in /home/content/r/i/c/rich1949/html/menkenj/checklogin.php on line 41
Warning: session_register(): Cannot send session cache limiter - headers already sent (output started at /home/content/r/i/c/rich1949/html/menkenj/checklogin.php:10) in /home/content/r/i/c/rich1949/html/menkenj/checklogin.php on line 41
Warning: Cannot modify header information - headers already sent by (output started at /home/content/r/i/c/rich1949/html/menkenj/checklogin.php:10) in /home/content/r/i/c/rich1949/html/menkenj/checklogin.php on line 43
Can anyone tell me what I'm doing wrong? I created the tables and followed the instructions explicitly.
My code is below. Thanks.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Check Login Page</title>
</head>
<body>
<?php
ob_start();
// include configuration file
include('config.php');
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$user", "$pass")or die("cannot connect");
mysql_select_db("$db")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>
</body>
</html>