Confusing Errors

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
CoolAsCarlito
Forum Contributor
Posts: 192
Joined: Sat May 31, 2008 3:27 pm
Contact:

Confusing Errors

Post by CoolAsCarlito »

Trying to figure out why its giving me these messages:


Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/content/y/a/n/yankeefaninkc/html/argyle/backstage.php:6) in /home/content/y/a/n/yankeefaninkc/html/argyle/backstage.php on line 44

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/content/y/a/n/yankeefaninkc/html/argyle/backstage.php:6) in /home/content/y/a/n/yankeefaninkc/html/argyle/backstage.php on line 44

Warning: Cannot modify header information - headers already sent by (output started at /home/content/y/a/n/yankeefaninkc/html/argyle/backstage.php:6) in /home/content/y/a/n/yankeefaninkc/html/argyle/backstage.php on line 64

What I want to do is have it do the check to check the authlevel of the user and then if he's 1 then have it bring up the user control panel and if its a 2 then have it bring up the admin control panel.

This is my code:

Code: Select all

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Backstage V1 Administration Console</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<?php include('backstage.css'); ?>
</head>
<?php 
 
require ('database.php');
 
//if the login form is submitted
if(isset($_POST['login']))
{
    // makes sure they filled it in
    if(!$_POST['username'] || !$_POST['pass'])
    {
        die('You did not fill in a required field.');
    }
 
    $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());
 
    //Gives error if user dosen't exist
    $check2 = mysql_num_rows($check);
    if ($check2 == 0)
    {
        die('That user does not exist in our database.');
    }
    while($info = mysql_fetch_array( $check )) 
    {
        $_POST['pass'] = md5(stripslashes($_POST['pass']));
        $info['password'] = stripslashes($info['password']);
        //$_POST['pass'] = md5($_POST['pass']); THIS IS DONE IN THE ABOVE STATEMENT
        //gives error if the password is wrong
        if ($_POST['pass'] != $info['password'])
        {
            die('Incorrect password, please try again.');
        }
        else 
        
        // if login is ok then we add a cookie and send them to the correct page
        { 
            $_POST['username'] = stripslashes($_POST['username']); 
            session_start();
            $_SESSION['username'] = $_POST['username']; 
            $_SESSION['loggedin'] = time();
            
            // Finds out the user type
            $query = "SELECT `authlevel` FROM `users` WHERE `username` = '" . $username . "'";
            $result = mysql_query($query) or die(mysql_error()); 
            $row = mysql_fetch_array($result); 
            $authLevel = $row['authlevel'];
            $_SESSION['authlevel'] = $authLevel;
        
            // Sends them to correct page after login
            if($authLevel == "2")
            {
                $page = "admin.php";
            }
            else
            {
                $page = "backstage.php";
            }
            header("Location: $page"); 
        } 
    } 
} 
else 
{ 
// if they have not submitted the form
?> 
<body>
 
<div id="login"> 
<center>
<h1>KOW Backstage</h1><br>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<p>Username:</p>
<input type="text" name="username" maxlength="40" size="40">
<br><br> 
<p>Password:</p>
<input type="password" name="pass" maxlength="50" size="40"> 
<br><br>
<input type="submit" name="login" value="Login >>"><br><br>
</form>
</center>
</div>
</body>
</html>
<?php
}
?>
watson516
Forum Contributor
Posts: 198
Joined: Mon Mar 20, 2006 9:19 pm
Location: Hamilton, Ontario

Re: Confusing Errors

Post by watson516 »

If Im not mistaken, you have to start_session() before the headers are sent...before anything is displayed
CoolAsCarlito
Forum Contributor
Posts: 192
Joined: Sat May 31, 2008 3:27 pm
Contact:

Re: Confusing Errors

Post by CoolAsCarlito »

So how should it look then? And I did add a little to my post.
Reviresco
Forum Contributor
Posts: 172
Joined: Tue Feb 19, 2008 4:18 pm
Location: Milwaukee

Re: Confusing Errors

Post by Reviresco »

The php code needs to go first, before the HTML (and before any line breaks or spaces).

The lines referred to, 44 and 64, have a session_start() and header() respectively; these have to come before any output or they will throw that error.

So, move all the php code to the very top of the document, before the doctype. Make sure there are no spaces or line breaks before the php code starts.
CoolAsCarlito
Forum Contributor
Posts: 192
Joined: Sat May 31, 2008 3:27 pm
Contact:

Re: Confusing Errors

Post by CoolAsCarlito »

Okay when I logged in all it did was stay at the login with no errors so I'm assuming it worked. Now what I want is for me to figure out how to insert my layout for my admin panel into the script so that after it checks the authlevel and sees I"m an admin it can go down to the bottom of the script and go to where it says to put in the admin panel.
Post Reply