Login Page

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
lostprophetpunk
Forum Newbie
Posts: 21
Joined: Sat May 31, 2008 3:49 am

Login Page

Post by lostprophetpunk »

I think I might have a problem with my login page, as it gives me an error when I am logging in to my system.

I get the following error when I login...
Warning: Cannot modify header information - headers already sent by (output started at /home/a4334033/public_html/project/login.php:6) in /home/a4334033/public_html/project/login.php on line 262
Then below that I get the same but on line 263 and line 265.

Below is the code for my login.php...

Code: Select all

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>Mini-Antiques > Login</title>
<style type='text/css'>
* html{
margin: 0;
padding: 0;
border: 0;
}
 
body {
  background-color: #000000;
}
 
#container {
  margin: 0 auto;
  width: 800px;
}
#hcontainer {
  margin: 0 auto;
  width: 800px;
}
#header {
  width: 800px;
  height: 254px;
  background-image: url(images/w_header.png);
  background-repeat: no-repeat;
}
 
#mcontainer {
  margin: 0 auto;
  width: 560px;
  background-color: #ba9f6d;
}
#main {
  width: 550px;
  height: auto;
  margin: 0 auto;
  background-color: #ba9f6d;
  color: #000000;
  font-family: helvetica, sans-serif;
  font-weight: bold;
  font-size: 12px;
}
 
#nav {
  width: 800px;
  height: 48px;
  background-image: url(images/w_nav.png);
  background-repeat: no-repeat;
  font-family: helvetica, sans-serif;
  font-size: 14px;
  font-weight: 900;
  color: #000000;
  text-align: center;
  padding-top: 6px;
}
#fcontainer {
  margin: 0 auto;
  width: 800px;
}
#footer {
  width: 800px;
  height: 68px;
  color: #000000;
  background-image: url(images/w_footer.png);
  background-repeat: no-repeat;
  padding-top: 8px;
  text-align: center;
  font-family: helvetica, sans-serif;
  font-weight: bold;
  font-size: 12px;
}
 
h1 {
  font-size: 25px;
  font-family: "tebuchet ms", sans-serif;
  font-weight: 900;
  color: #4679aa;
}
 
a:link {
  color: #ffffff;
  font-family: helvetica, sans-serif;
  font-weight: bold;
  font-size: 14px;
}
 
a:visited {
  color: #ffffff;
  font-family: helvetica, sans-serif;
  font-weight: bold;
  font-size: 14px;
}
 
a:hover {
  color: #ffffff;
  font-family: helvetica, sans-serif;
  font-weight: bold;
  font-size: 14px;
}
 
a:active {
  color: #ffffff;
  font-family: helvetica, sans-serif;
  font-weight: bold;
  font-size: 14px;
}
 
.name {
    font: 11px Verdana, Arial, Helvetica, sans-serif;
    color: #000000;
        font-weight: 900;
}
.textfield {
    font-size: 11px;
    color: #ffffff;
    background-color: #333333;
    border: 1px solid #555555;
}
</style>
</head>
<body>
 
<div id='container'>
 <div id='header'></div>
 <?php include'nav.php'; ?>
<div id='main'>
 
<?php 
 
/*
* login.php
* ---------------------
* Description:
*   This file logs the user in and creates a session in the database.
* 
*/
 
include 'global.php';
 
$username = mysql_real_escape_string( trim($_POST['username']) );
$password = mysql_real_escape_string( $_POST['password'] );
$submit = $_POST['submit'];
 
if( isset( $_COOKIE['session_id'] ) || isset ( $_COOKIE['user_id'] ) ){
// Already logged in so cancel script.
    
    $safeSessionId = mysql_real_escape_string( $_COOKIE['session_id'] );
    $query = mysql_query("SELECT * FROM sessions WHERE session_id='$safeSessionId'");
    $data = mysql_fetch_array( $query );
    
    if($data['session_id'] == ''){
    // Session Doesn't Exist
    
    setcookie('session_id','',time()-3600,'');
    setcookie('user_id','',time()-3600,'/');
    
    } else {
    
    //User Is Already Logged In. Kill Script.
    echo 'You are alreay logged in.';
    return;
    }
    
}
 
if( isset( $submit ) ){
// The user submitted the login form
 
    if( $username == '' ){
    // Username Field is Blank
    $error[0] = 'Username Field Is Blank';
    echo $username;
    } else {
    
        $query = mysql_query("SELECT * FROM members WHERE username='$username'");
        $data = mysql_fetch_array($query);
        
        if( $data['id'] == '' ){
        
        $error['top'] = 'Username and/or password do not match.';
        
        } else {
        
        $error['top'] = '';
        $error[0] = FALSE;
        
        }
        
    }
    
    if( $password == '' ){
    // Password Field Was Blank
    
    $error[1] = 'Password Field Is Blank';
    
    } else {
        
        $MD5password =  md5( $password );
        
        $query = mysql_query("SELECT * FROM members WHERE username='$username'");
        $data = mysql_fetch_array($query);
        
        if( $data['password'] == $MD5password ){
        
        $error[1] = FALSE;
        $user_id = $data['id'];
        
        } else {
        
        $error['top'] = 'Username and/or password do not match.';
        $error[1] = '-';
        
        }
    
    }
    
    if( $error[0] == '' && $error[1] == ''){
    // Everything is alright
    
    $session_id = mt_rand();
    $loop = TRUE;
    $timeStamp = time();
    $location = 'Loggin In';
        
        // Makes sure there aren't duplicate session ids    
        
        $query = mysql_query("SELECT * FROM sessions WHERE session_id='$session_id'");
        $data = mysql_fetch_array($query);
        
        if($data['id'] == ''){
        
        $loop = false;
        
        }
        
        while($loop){
            
            $session_id = mt_rand();
            
            $query = mysql_query("SELECT * FROM sessions WHERE session_id='$session_id'");
            $data = mysql_fetch_array($query);
            
            if($data['id'] == ''){
            
            $loop = false;
            
            }
            
        }
    
    // Create Session
    
    mysql_query("INSERT INTO sessions
        (session_id,time,user_id,location)
        values
        ('$session_id','$timeStamp','$user_id','$location')");
    
    setcookie('session_id',$session_id,time() + $TimeOutFormula,'/');
    setcookie('user_id',$user_id,time() + $TimeOutFormula,'/');
    
    header('Location: '.$LandingPage);
    
    return; // Kills script so login form wont show up.
    
    } else {
    // Something went wrong
    }
    
} else {
// The user has not submitted the login form
 
}
 
?>
 
 
 
<form action="" method="POST">
<?php echo $error['top'] ?>
<table align='center'>
 
    <tr>
        <td class='name'> Username </td>
        <td class='textfield'> <input type="text" name="username" value="<?php echo $_POST['username'] ?>"><?php echo $error[0] ?></td>
    </tr>
    
    <tr>
        <td class='name'> Password </td>
        <td class='textfield'> <input type="password" name="password"></td>
    </tr>
    
    <tr>
        <td colspan="2"> <input name="submit" type="submit" value="Login"> </td>
    </tr>
    
</table>
 
</form><br />
</div>
<div id='footer'></div>
</div>
 
</body>
</html>
I have tried googling it and searching within this forum, but found no answers, so I thought I would post the problem.

It would be great if anyone could help me on this.
dbemowsk
Forum Commoner
Posts: 82
Joined: Wed May 14, 2008 10:30 pm

Re: Login Page

Post by dbemowsk »

This issue has been covered a MILLION times in the forum. Do a search in the forum on the error you are getting.
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Re: Login Page

Post by Benjamin »

You need to process the login code before you send any data. In your case your sending html and then processing the login. You'll need to move your code up so that it processes the login request before sending html. You cannot send a single space before sending the location header, or any headers for that matter.
lostprophetpunk
Forum Newbie
Posts: 21
Joined: Sat May 31, 2008 3:49 am

Re: Login Page

Post by lostprophetpunk »

Thanks for the help.

I have a new problem in the following script which is added.php...

The problem is the 'Parse error: unexpected T_STRING etc' one.

I have looked over the code below, and found that there are no missing brackets, so what could be causing the error?

Code: Select all

<?php
 
include 'protect.php';
 
activate('Added')
 
?>
<?php
 
*connection code*
*has been removed*
 
$book_new=$_POST['bookt'];
$author_new=$_POST['authorl'];
$price_new=$_POST['pricen'];
$year_new=$_POST['yearn'];
$origin_new=$_POST['originn'];
$condition_new=$_POST['conditionn'];
 
if( trim( $book_new ) == ''){
$book_new = "--NULL--";
}
 
if( trim( $author_new ) == ''){
$author_new = "--NULL--";
}
 
if( $price_new == 'nothing'){
$price_new = "--NULL--";
}
 
if( $year_new == 'nothing1'){
$year_new = "--NULL--";
}
 
if( $origin == 'nothing2'){
$origin = "--NULL--";
}
 
if( $condition == 'nothing3'){
$condition = "--NULL--";
}
 
$query = "INSERT INTO books (ID,Book_Title,Author,Price,Publication_Year,Origin_Country,Condition)
VALUES ('','$book_new','$author_new','$price_new','$year_new','$origin_new','$condition_new');
 
echo "Hello there";
 
mysql_close($con)
 
?>
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Re: Login Page

Post by Benjamin »

Your missing a " at the end of your database query string.
Post Reply