Cannot modify header information - headers already sent

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

tua1
Forum Commoner
Posts: 28
Joined: Thu May 15, 2008 9:30 pm

Cannot modify header information - headers already sent

Post by tua1 »

I am a newbie in PHP and sorry about my english.
I can't find a solution about my problem. I try so many tips but nothing worked.

This is my error:

Warning: Cannot modify header information - headers already sent by (output started at C:\WebServ\httpd\Runners\scripts\register.php:52) in C:\WebServ\httpd\Runners\scripts\register.php on line 347.


And this is my register.php:

Code: Select all

<?php
 
$debug = FALSE;
 
/************************************************************
Adjust the headers...
************************************************************/
header("Expires: Thu, 17 May 2001 10:17:17 GMT"); // Date in the past
header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified
header ("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header ("Pragma: no-cache"); // HTTP/1.0
 
/*****************************************************************************
Check the session details.
we will store all the post variables in session variables
this will make it easier to work with the verification routines
*****************************************************************************/
session_start();
 
 
if (!isset($_SESSION['SESSION'])) require_once( "../include/session_init.php" );
 
$arVal = array();
require_once("../include/session_funcs1.php");
 
reset ($_POST);
while (list ($key, $val) = each ($_POST)) {
if ($val == "") $val = "NULL";
$arVals[$key] = (get_magic_quotes_gpc()) ? $val : addslashes($val);
if ($val == "NULL")
$_SESSION[$key] = NULL;
else
$_SESSION[$key] = $val;
//if ($key != "haslo1" && $key !="haslo2") $arVals[$key] = "'".$arVals[$key]."'";
//
// if ("haslo1"!="haslo2") $arVals[$key] = "'".$arVals[$key]."'";
// if ($debug) echo $key . " : " . $arVals[$key] . "<br>";
 
}
?>
 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>- Runner's - Internetowy Sklep Sportowy</title>
<link href="../css/master.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="divRamka">
<a name="gora"></a>
<div id="divNaglowek"> <img id="imgLewyNaglowek"src="../images/lewy_naglowek.png">
<img id="imgPrawyNaglowek" src="../images/prawy_naglowek.png">
<!--<div id="divNaglowekG"></div>-->
<div id="divNaglowekD">
<div id="divLogo">
<img id="imgLogo" src="../images/logo.jpg"></div>
<!--poczatek linkow w naglowku-->
<ul id="ulLinki">
<li><a href="">Link</a></li>
<li><a href="">Link</a></li>
<li><a href="">Link</a></li>
<li><a href="">Link</a></li>
</ul>
<ul id="ulLinki2">
<li><a href="">Link</a></li>
<li><a href="">Link</a></li>
<li><a href="">Link</a></li>
<li><a href="">Link</a></li>
</ul>
<ul id="ulKontakt">
<li><strong>Kontakt:</strong></li>
<li><img src="http://www.gadu-gadu.pl/users/status.asp?id=1473834styl=1" id="img2"></li>
<li><a href="gg:1473834">1473834</a></li>
<li><img src="../images/skype.gif" id="img1"></li>
<li>01716665489</li>
</ul>
<!--koniec linkow w naglowku i poczatek panelu loginu-->
<form id="frmLogin" action="login.php" method="post">
<ul id="ulLogin">
<li>Login</li>
<li><input class="input" type="text" name="login" size="11" maxlength="20"></li>
<li>Haslo</li>
<li>
<input class="input" type="password" name="haslo" size="11" maxlength="40">
</li>
<li><input id="submit" type="submit" name="zaloguj" value="Zaloguj" class="submit"></li>
 
</ul>
</form>
<!--koniec panelu loginu i poczatek poziomego menu-->
<ul id="ulMenuPoziome">
<li class="current"><a href="rejestracja.html">Rejestracja</a></li>
<li><a href="">Regulamin</a></li>
<li ><a href="">Regulamin</a></li>
<li><a href="">Regulamin</a></li>
<li><a href="">Regulamin</a></li>
<li><a href="">Regulamin</a></li>
</ul>
<!--koniec menu poziomego-->
<ul id="ulKoszyk">
<li><a href=""><img id="imgKoszyk" src="../images/koszyk.png"></a></li>
<li>Ilosc:</li>
<li>Suma:</li>
</ul>
</div>
</div>
<!--koniec naglowka-->
<!-- <div id="divSrodek">-->
<!--poczatek lewej kolumny-->
<div id="divLewaKolumna"> <img id="imgNaszaOferta" src="../images/NASZ_OFERTA.png">
<div id="divLewaMenu">
<!--lewe menu-->
<div id="divLinki">
<ul>
<li class="obecny"><a href="">Link<img id="imgKwadracik" src= "../images/KWADRACIK.png"></a></li>
<li><a href="">Link<img id="imgKwadracik" src= "../images/KWADRACIK.png"></a></li>
<li><a href="">Link<img id="imgKwadracik" src= "../images/KWADRACIK.png"></a></li>
<li><a href="">Link<img id="imgKwadracik" src= "../images/KWADRACIK.png"></a></li>
<li><a href="">Link<img id="imgKwadracik" src= "../images/KWADRACIK.png"></a></li>
<li><a href="">Link<img id="imgKwadracik" src= "../images/KWADRACIK.png"></a></li>
<li><a href="">Link<img id="imgKwadracik" src= "../images/KWADRACIK.png"></a></li>
<li><a href="">Link<img id="imgKwadracik" src="../images/KWADRACIK.png"></a></li>
</ul>
</div>
</div>
<!--koniec lewego menu-->
<img id="imgDolTabeli" src="../images/DOL_MENU.png"> </div>
<!--koniec lewej kolumny-->
<!--poczatek panelu wyszukiwarki-->
<div id="divPrawaKolumna"> <img id="imgNaglowekTbl" src="../images/WYSZUKIWARKA3000.png">
<div id="divSzukaj">
<div id="SzukajZawartosc">
<form action="szukaj.php" method="post">
<input type="text" size="15" maxlength="100" name="szukaj">
<input id="inpSzukaj" type="submit" value="Szukaj" class="submit">
</form>
</div>
</div>
<img id="imgDolTabeli" src="../images/DOL_TABELI2000.png">
<img id="imgNaglowekTbl" src="../images/TOP_5.png">
<!--Top5-->
<div id="divTop5">
<table id="tblProdukty">
<tr>
<th> 1.</th>
<td><a href="">Produkt</a></td>
</tr>
<tr>
<th>2.</th>
<td><a href="">Produkt</a></td>
</tr>
<tr>
<th>3.</th>
<td><a href="">Produkt</a></td>
</tr>
<tr>
<th>4.</th>
<td><a href="">Produkt</a></td>
</tr>
<tr>
<th>5.</th>
<td><a href="">Produkt</a></td>
</tr>
</table>
</div>
<!--koniec Top5-->
<img id="imgDolTabeli" src="../images/DOL_TABELI2000.png">
<img id="imgNaglowekTbl" src="../images/NOWOSCI.png">
<div id="divNowosci">
<table id="tblProdukty">
<tr>
<th> 1.</th>
<td ><a href="">Produkt</a></td>
</tr>
<tr>
<th>2.</th>
<td><a href="">Produkt</a></td>
</tr>
<tr>
<th>3.</th>
<td><a href="">Produkt</a></td>
</tr>
<tr>
<th>4.</th>
<td><a href="">Produkt</a></td>
</tr>
<tr>
<th>5.</th>
<td><a href="">Produkt</a></td>
</tr>
</table>
</div>
<img id="imgDolTabeli" src="../images/DOL_TABELI2000.png">
<img id="imgNaglowekTbl" src="../images/PROMOCJE.png">
<div id="divNowosci">
<table id="tblProdukty">
<tr>
<th > 1.</th>
<td ><a href="">Produkt</a></td>
</tr>
<tr>
<th>2.</th>
<td><a href="">Produkt</a></td>
</tr>
<tr>
<th>3.</th>
<td><a href="">Produkt</a></td>
</tr>
<tr>
<th>4.</th>
<td><a href="">Produkt</a></td>
</tr>
<tr>
<th>5.</th>
<td><a href="">Produkt</a></td>
</tr>
</table>
</div>
<img id="imgDolTabeli" src="../images/DOL_TABELI2000.png"> </div>
<div id="php"><?php
/**********************************************************************************************
Make sure session variables have been set and then check for required fields
otherwise return to the registration form to fix the errors.
**********************************************************************************************/
 
// check to see if these variables have been set...
if ((!isset($_SESSION["login"])) || (!isset($_SESSION["haslo1"])) || (!isset($_SESSION["haslo2"])) || (!isset($_SESSION["email"])) || (!isset($_SESSION["imie"])) || (!isset($_SESSION["nazwisko"])) || (!isset($_SESSION["adres"])) || (!isset($_SESSION["kod_pocztowy"])) || (!isset($_SESSION["miasto"])) || (!isset($_SESSION["wojewodztwo"])) ) {
resendToForm("?flg=red");
}
// form variables must have something in them...
if ($_SESSION['login'] == "" || $_SESSION['haslo1'] == "" || $_SESSION['haslo2'] == "" || $_SESSION['email'] == "" || $_SESSION['imie'] == ""
|| $_SESSION['nazwisko'] == "" || $_SESSION['adres'] == "" || $_SESSION['kod_pocztowy'] == ""|| $_SESSION['miasto'] == "" || $_SESSION['wojewodztwo'] == "") {
resendToForm("?flg=red");
}
 
if ($_SESSION['wojewodztwo'] == 0) {
resendToForm("?flg=orange");
}
 
 
// if (strcmp($_SESSION['haslol'],$_SESSION['haslo2']) != 0)
// {
// resendToForm("?flg=pink");
// }
 
 
 
//if (strlen($_SESSION['haslol']) <6) {
// resendToForm("?flg=purple");
// }
 
// make sure fields are within the proper range...
if (strlen($_SESSION['login']) > 20 || strlen($_SESSION['haslo1']) > 40 || strlen($_SESSION['haslo2']) > 40
|| strlen($_SESSION['email']) > 50 || strlen($_SESSION['imie']) > 25
|| strlen($_SESSION['nazwisko']) > 25 || strlen($_SESSION['adres']) > 100 || strlen($_SESSION['miasto']) > 30 ) {
resendToForm("?flg=white");
}
 
// // make sure fields are within the proper range... cut off any extra...
// if (strlen($_SESSION['q1']) > 60) $_SESSION['q1'] = substr($_SESSION['q1'],0,60);
// if (strlen($_SESSION['q2']) > 60) $_SESSION['q2'] = substr($_SESSION['q2'],0,60);
// if (strlen($_SESSION['q3']) > 60) $_SESSION['q3'] = substr($_SESSION['q3'],0,60);
 
 
/**********************************************************************************************
Check the DB for records...
**********************************************************************************************/
 
// check for the email already in the database...
$query = "SELECT COUNT(email) FROM klienci_id where email = '".$_SESSION['email']."'";
if ($debug) echo "<br>SQL STATEMENT:<br>".$query."<br><br>";
 
mysql_pconnect($_SESSION['MYSQL_SERVER1'],$_SESSION['MYSQL_LOGIN1'],$_SESSION['MYSQL_PASS1'])
or die("Unable to connect to SQL server");
mysql_select_db($_SESSION['MYSQL_DB1']) or die("Unable to select database");
 
$result = mysql_query($query) or die("Invalid query (login): " . mysql_error());
$row = mysql_fetch_row($result);
 
if ($row[0] > 0) { // an email aleady exists in the database, because the row count > 0...
resendToForm("?flg=yellow");
}
 
/* WHEN YOU INSERT USE MD5 for Passwords!!!! */
$password = $arVals['haslo1'];
$arVals['haslo1'] = "'".sha1($arVals['haslo1'])."'";
 
/**********************************************************************************************
Insert into the database...
**********************************************************************************************/
// mysql_query (...);
//$id = mysql_insert_id();
//mysql_query (...);
$query1= "INSERT INTO klienci_id (ID_kli,login, haslo, email)"
."VALUES (NULL,'".$arVals['login']."', ".$arVals['haslo1'].",'".$arVals['email']."')";
 
 
//echo $query;
 
$result = mysql_query($query1) or die("Invalid query: " . mysql_error() . "<br><br>". $query1);
$id = mysql_insert_id();
 
$query2="INSERT INTO klienci_adres (ID_kli,imie, nazwisko, adres, kod_pocztowy, miasto, ID_woj) VALUES (".$id.",'".$arVals['imie']."', '".$arVals['nazwisko']."', '".$arVals['adres']."', '".$arVals['kod_pocztowy']."', '".$arVals['miasto']."', ".$arVals['wojewodztwo'].")";
 
$result = mysql_query($query2) or die("Invalid query: " . mysql_error() . "<br><br>". $query2);
SendMail($id, $password);
 
 
function SendMail($id, $password) {
// Construct the message....
$mail = "Witaj ".$_SESSION['imie'].",\n\nDziekujemy za rejestracje.\nZyczymy przyjemnych zakupów\n\n";
$mail .= "Twój login to: ".$_SESSION['login']."\n";
$mail .= "Twoje haslo to: ".$_SESSION['haslo1']."\n";
$mail .= "Imie i Nazwisko: ".$_SESSION['imie']." ".$_SESSION['nazwisko']."\n";
$mail .= "Adres: ".$_SESSION['adres']."\n";
$mail .= $_SESSION['kod_pocztowy']."\n";
$mail .= $_SESSION['miasto']."\n";
$mail .= $_SESSION['wojewodztwo']."\n";
$mail .= "Email adres: ".$_SESSION['email']."\n";
 
$mail .= "Pozdrawiamy,\nSklep Sportowy Runner's\n\n";
 
// If any lines are larger than 70 characters, we will use wordwrap()
$message = wordwrap($mail, 70);
 
// Send the email...
mail($_SESSION['email'], 'Witaj w naszym sklepiku', $message, "Nadawca: local@".$SESSION['APP_SERVER']."\r\n");
 
$mail = str_replace("\n", "<br>", $mail);
echo "<b>Nastepujacy email zostal wyslany:</b><br>".$mail;
 
}
 
/*** This following function will update session variables and resend to the form so the user can fix errors ***/
 
function resendToForm($flags) {
reset ($_POST);
// store variables in session...
while (list ($key, $val) = each ($_POST)) {
$_SESSION[$key] = $val;
}
// go back to the form...
//echo $flags;
header("Location: ../user_registration.php".$flags);
exit;
}
?>
<!--SUCCESS!<br>The data was entered in the database!<br>
You probably want to redirect to a thank you page or send an email to the user for confirmation.-->
 
<?php
reset ($arVals);
while (list ($key, $val) = each ($arVals)) {
//echo $key . " : " . $arVals[$key] . "<br>";
}
echo "<br><br>Zapytanie SQL<br>";
echo $query."<br><br><br><br>";
 
 
 
 
?></div>
<!--koniec prawej kolumny-->
<div id="divText">
<!--poczatek panelu pokaz-->
<form id="frmPokaz" action="pokaz.php" method="post" >
<fieldset id="Pokaz"><legend>Wybierz swoja kategorie</legend><table id="tblPokaz" >
<tr>
<td class="underline">Dyscyplina:</td>
<td>
<select name="dyscyplina" id="select">
<option selected value="0">&nbsp;</option>
<option value="1">Koszykówka</option>
<option value="2">Pilka Nozna</option>
<option value="3">Sztuki walki</option>
<option value="4">Lekkoatletyka</option>
<option value="5">Terefere</option>
<option value="6">fdgd</option>
<option value="7">fdgdfg</option>
</select> </td>
<td class="underline">
Kategoria: </td>
<td>Odziez </td>
<td>
<input name="odziez" type="checkbox" class="checkbox" value="1" > </td>
<td>Sprzet</td>
<td><input name="sprzet" type="checkbox" class="checkbox" value="2"> </td>
<td>Inne</td>
<td><input name="inne" type="checkbox" class="checkbox" value="3" > </td>
<td><input type="submit" class="submit" name="submit" id="pokaz" value="Pokaz"></td>
</tr>
</table></fieldset>
</form>
<!-- koniec panelu pokaz -->
 
 
</div>
<!-- </div>-->
<!--poczatek stopki-->
 
 
<div id="divStopka"> <img id="imgLewyStopka" src="../images/LEWA_STOPKA.png"> <img id="imgPrawyStopka" src="../images/PRAWA_STOPKA.png">
<div id="divStopka_stopka"> <img id="imgStrzalka" src="../images/strzalka-65.png"> <a id="aDogory" href="#gora">Do góry</a>
<ul id="ulLinkiStopka">
<li><a href="rejestracja.html">Rejestracja</a></li>
<li>:</li>
<li><a href="">Link</a></li>
<li>:</li>
<li><a href="">Link</a></li>
<li>:</li>
<li><a href="">Link</a></li>
<li>:</li>
<li><a href="">Link</a></li>
<li>:</li>
<li><a href="">Link</a></li>
</ul>
<a id="aCopyright">Copyright 2008</a> </div>
</div>
<!--koniec stopki-->
</div>
<!--koniec ramki-->
</body>
</html>

Could anybody help me??
Frank Shi
Forum Newbie
Posts: 6
Joined: Thu Mar 13, 2008 4:03 am

Re: Cannot modify header information - headers already sent

Post by Frank Shi »

session_start(); is error .

You must take it to top of codes, and nothing print.

follow that:
<?php
session_start();
...........
...........php codes
?>

or you can modify php.ini :

output_buffering = 4096

I am a new guy in php too.and sorry for my English.
User avatar
lafever
Forum Commoner
Posts: 99
Joined: Sat Apr 05, 2008 2:03 pm
Location: Taylor, MI

Re: Cannot modify header information - headers already sent

Post by lafever »

session_start() is not his issue for a header error, although you are correct abut putting session_start() at the top of your script.

You cannot have HTML code before the header() which in the line giving the error (Line 347)

Code: Select all

 
header("Location: ../user_registration.php".$flags);  
 
You will have to use ob_start() (I believe) before the header() which I do believe is not recommended to use it for that.
tua1
Forum Commoner
Posts: 28
Joined: Thu May 15, 2008 9:30 pm

Re: Cannot modify header information - headers already sent

Post by tua1 »

Thanks for yours responding.

As you said I put a ob_start(); at the beginning on the file, and ob_flush(); at the end, and it works:) That's great, the error is no more:)

But I have another problem with validation on my form:

I want check that passwords are the same. I know this is very begininng level, but I tried few version of that script and it didn't work.
I wrote a script:

Code: Select all

if (strcmp($_SESSION['pass1'],$_SESSION['pass2']) != 0)
{
    resendToForm("?flg=pink");
}
And it returns always that passwords are not the same, even when I put the same word in both fields. Maybe cause I use $_SESSION values??

Code: Select all

if (strlen($_SESSION['haslol']) <6) {
    resendToForm("?flg=purple");
    }
This script isn't working too, if I put pass longer than 6 the script return that the pass is too short:/



The second big problem with my validation is checking that the email adress that client put in form is in mysql database.

Here is the script:

Code: Select all

 
<?php ob_start(); 
       $debug = FALSE;
        session_start();
 
 
    if (!isset($_SESSION['SESSION'])) require_once( "../include/session_init.php" );
 
    ....
 
 
Check the DB for records...
**********************************************************************************************/
 
    // check for the email already in the database...
    $query = "SELECT COUNT(email) FROM client_id where email = '".$_SESSION['email']."'";
    if ($debug) echo "<br>SQL STATEMENT:<br>".$query."<br><br>";
    
    mysql_pconnect($_SESSION['MYSQL_SERVER1'],$_SESSION['MYSQL_LOGIN1'],$_SESSION['MYSQL_PASS1'])
                   or die("Unable to connect to SQL server");
    mysql_select_db($_SESSION['MYSQL_DB1']) or die("Unable to select database");
   
     $result = mysql_query($query) or die("Invalid query (login): " . mysql_error());
     $row = mysql_fetch_row($result);
     
    if ($row[0] > 0) {  // an email aleady exists in the database, because the row count > 0...
        resendToForm("?flg=yellow");
    }   ?>
The session_init.php file:

Code: Select all

 
<?php
    $_SESSION['APP_MX'] = "localhost";
    $_SESSION['APP_SERVER'] = "localhost";
    $_SESSION['SITE_EMAIL'] = "local@localhost.com";
    
    $_SESSION['MYSQL_SERVER1'] = "localhost";
    $_SESSION['MYSQL_LOGIN1'] = "test";
    $_SESSION['MYSQL_PASS1'] = "test";
    $_SESSION['MYSQL_DB1'] = "shop";
    
    $_SESSION['LOGGEDIN'] = "";
    $_SESSION['USERID'] = 0;
    
    $_SESSION['EMAIL'] = "";
    $_SESSION['FNAME'] = "";
    $_SESSION['LNAME'] = "";
    
    $_SESSION['SESSION'] = true;
    
?>
It isn't works I can register users with the same email addres:/


Could anybody help me?
User avatar
lafever
Forum Commoner
Posts: 99
Joined: Sat Apr 05, 2008 2:03 pm
Location: Taylor, MI

Re: Cannot modify header information - headers already sent

Post by lafever »

tua1 wrote: I want check that passwords are the same. I know this is very begininng level, but I tried few version of that script and it didn't work.
I wrote a script:

Code: Select all

if (strcmp($_SESSION['pass1'],$_SESSION['pass2']) != 0)
{
&nbsp; &nbsp; resendToForm("?flg=pink");
}
To make sure they match you have to check them against each other like so

Code: Select all

 
if ($_SESSION['pass1'] != $_SESSION['pass2']) {
// passwords do not match
 resendToForm("?flg=pink");
}
 
tua1 wrote: The second big problem with my validation is checking that the email adress that client put in form is in mysql database.

It isn't works I can register users with the same email addres:/
You are checking it wrong

Code: Select all

 
$query = "SELECT COUNT(email) FROM client_id where email = '".mysql_real_escape_string($_SESSION['email'])."'";
$result = mysql_query($query) or die("Invalid query (login): " . mysql_error());
if (mysql_num_rows($result) > 0) {
// email exists
echo 'email exists';
}
 
 

Also, you should check the Regex forum on here and search for some email validation snippets to make sure people are inputting correct email addresses.


Another thing......

Why in the hell are you storing your connection info in a $_SESSION? That should be stored as constants outside of your root directory, DEFINITELY not in a SESSION
Last edited by lafever on Fri May 16, 2008 5:26 am, edited 1 time in total.
User avatar
onion2k
Jedi Mod
Posts: 5263
Joined: Tue Dec 21, 2004 5:03 pm
Location: usrlab.com

Re: Cannot modify header information - headers already sent

Post by onion2k »

tua1 wrote:As you said I put a ob_start(); at the beginning on the file, and ob_flush(); at the end, and it works:) That's great, the error is no more:)
That's a very bad solution to the problem you're having. It'll make your script a lot slower to load for the user and use a lot more resources on the server. I suggest you read the PHP manual pages for those two functions.
User avatar
lafever
Forum Commoner
Posts: 99
Joined: Sat Apr 05, 2008 2:03 pm
Location: Taylor, MI

Re: Cannot modify header information - headers already sent

Post by lafever »

Well I did say it wasn't recommended :P
tua1
Forum Commoner
Posts: 28
Joined: Thu May 15, 2008 9:30 pm

Re: Cannot modify header information - headers already sent

Post by tua1 »

Thanks for quick responds.
onion2k wrote: That's a very bad solution to the problem you're having. It'll make your script a lot slower to load for the user and use a lot more resources on the server. I suggest you read the PHP manual pages for those two functions.
Is there any better solution, maybe?

This is only a school project, I won't public it in the web so I don't care about this that much.
If the all things that I want to work fine, will work fine, already will be success for me, at least now when I beginner.
lafever wrote: Why in the hell are you storing your connection info in a $_SESSION? That should be stored as constants outside of your root directory, DEFINITELY not in a SESSION
If I store in $_POST, it will be correct?
User avatar
onion2k
Jedi Mod
Posts: 5263
Joined: Tue Dec 21, 2004 5:03 pm
Location: usrlab.com

Re: Cannot modify header information - headers already sent

Post by onion2k »

tua1 wrote:Is there any better solution, maybe?

This is only a school project, I won't public it in the web so I don't care about this that much.
If the all things that I want to work fine, will work fine, already will be success for me, at least now when I beginner.
Organise the code in a way that means you never output any text before outputting a header.
tua1
Forum Commoner
Posts: 28
Joined: Thu May 15, 2008 9:30 pm

Re: Cannot modify header information - headers already sent

Post by tua1 »

onion2k wrote: Organise the code in a way that means you never output any text before outputting a header.

You mean don't use any echo's and any html tags???
Last edited by tua1 on Fri May 16, 2008 7:22 am, edited 2 times in total.
User avatar
onion2k
Jedi Mod
Posts: 5263
Joined: Tue Dec 21, 2004 5:03 pm
Location: usrlab.com

Re: Cannot modify header information - headers already sent

Post by onion2k »

tua1 wrote:
onion2k wrote: Organise the code in a way that means you never output any text before outputting a header.
You mean don't use any echo's and any html tags???
Before all the checks to see if you need to forward the user somewhere else are done, yes.

Roughly speaking you should do something like:

Include any constants, connections, session start up code necessary
Check inputs are valid
Check to see if the user should be redirected somewhere
Any database inserts/updates
Output the HTML

Obviously that won't work for every script you write, but it's a step in the right direction. The basic point is that you should output the HTML last.
tua1
Forum Commoner
Posts: 28
Joined: Thu May 15, 2008 9:30 pm

Re: Cannot modify header information - headers already sent

Post by tua1 »

onion2k wrote: Roughly speaking you should do something like:

Include any constants, connections, session start up code necessary
Check inputs are valid
Check to see if the user should be redirected somewhere
Any database inserts/updates
Output the HTML

Obviously that won't work for every script you write, but it's a step in the right direction. The basic point is that you should output the HTML last.
Thanks, I try to change that in future.

Code: Select all

       // check for the email already in the database...
    $query = "SELECT COUNT(email) FROM klienci_id where email = '".$_SESSION['email']."'";
    //if ($debug) echo "<br>SQL STATEMENT:<br>".$query."<br><br>";
    
    mysql_pconnect($_SESSION['MYSQL_SERVER1'],$_SESSION['MYSQL_LOGIN1'],$_SESSION['MYSQL_PASS1'])
                   or die("Unable to connect to SQL server");
    mysql_select_db($_SESSION['MYSQL_DB1']) or die("Unable to select database");
   
     $result = mysql_query($query) or die("Invalid query (login): " . mysql_error());
     $row = mysql_fetch_row($result);
     
    if ($row[0] > 0) {  // an email aleady exists in the database, because the row count > 0...
        resendToForm("?flg=yellow");
    }   
   

This script works correct, is script is good? but if I put mysql_real_escape_string($_SESSION['email'])."'";
I have a error:

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'ODBC'@'localhost' (using password: NO)

Do I have to use mysql-real-escape-string function? if yes why?, I read manual and understood that this is for safety use mysql_query(), correct?
User avatar
Jade
Forum Regular
Posts: 908
Joined: Sun Dec 29, 2002 5:40 pm
Location: VA

Re: Cannot modify header information - headers already sent

Post by Jade »

tua1 wrote:
This script works correct, is script is good? but if I put mysql_real_escape_string($_SESSION['email'])."'";
I have a error:

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'ODBC'@'localhost' (using password: NO)

Do I have to use mysql-real-escape-string function? if yes why?, I read manual and understood that this is for safety use mysql_query(), correct?
If you're getting that error its because you haven't connected to a database yet.

Code: Select all

 
//connect to a database
mysql_connect("localhost", "username", "password")
or die ('there was an error: ' . mysql_error());
 
mysql_select_db("databasename")
or die ('there was an error: ' . mysql_error());
 
//now you can call this
mysql_real_escape_string($_SESSION['email']);
 
tua1
Forum Commoner
Posts: 28
Joined: Thu May 15, 2008 9:30 pm

Re: Cannot modify header information - headers already sent

Post by tua1 »

Thank you, I should have known better this:/

Anyway I still don't know why that function is important, maybe is it for resist sql injection??

And I wonder what I have to do with my connection info, which I store in $_SESSION.
Can I store it $_POST, and where??

I use local server: "Webserv"

This is where I store my site:

C:\WebServ\httpd\Runners\ <--main files such us registration.php, etc.
(localhost\Runners)

C:\WebServ\httpd\Runners\include<--where I store session_init.php, with my connection info.

So where I have to put this file? outside the Runners folder?



Could anyone help?
User avatar
Jade
Forum Regular
Posts: 908
Joined: Sun Dec 29, 2002 5:40 pm
Location: VA

Re: Cannot modify header information - headers already sent

Post by Jade »

This function is important for large areas of text. It puts escape characters around things that have double and single quotes in them that can break your query.

The $_POST function is only accessible once a form has posted data to the server. Personally, I store all my database connection information in a file I call dbconnect.php and then I just include it in every file I use that way I set it once and forget about it. The problem with setting it in a session is that you're then sending that information back and forth over the internet in packets. If you're going to keep doing that then I suggest you encrypt everything.

As far as where to put a db connection file, I always put in outside of my web directory so no one can access it. So in your case, you'd put it in C:\WebServ\ and then include it from a file under the Runners folder by doing:

Code: Select all

 
<?php
include('../dbconnect.php');
?>
 
Post Reply