Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums Back End Login page, session issues

  • This topic is empty.
Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #33990
    Jerm993
    Member

    I am in the process of building a web application that requires php, when I don’t have much knowledge of php myself(I like a good challenge). I have followed a premium tutorial on how to build a log-in system found on nettuts. However, upon trying to log in as a user this error message pops up in my error log on my server.

    [19-Aug-2011 19:30:06] PHP Warning: session_start() [function.session-start]: Cannot send session cookie – headers already sent by (output started at /home/y059riaj/public_html/facetweeter.com/header.php:10) in /home/y059riaj/public_html/facetweeter.com/header.php on line 15

    [19-Aug-2011 19:30:06] PHP Warning: session_start() [function.session-start]: Cannot send session cache limiter – headers already sent (output started at /home/y059riaj/public_html/facetweeter.com/header.php:10) in /home/y059riaj/public_html/facetweeter.com/header.php on line 15

    I honestly have no idea what it means. here is the login code, code from line 15, and the blocked page.

    login

    
    require ('./functions.php');
    // Has the user submitted the form
    if($_POST){
    // Protect the submitted data
    $username = protect($_POST);
    $password = protect($_POST);

    // Check if the username or password boxes were not filled in
    if(!$username || !$password){
    //if not display an error message
    echo "
    You need to fill in a Username and a Password!
    ";
    }else{
    // if they were continue checking

    // select all rows from the table where the username matches the one entered by the user
    $res = mysql_query("SELECT * FROM `users` WHERE `username` = '".$username."'");
    $num = mysql_num_rows($res);

    // check if there was not a username match
    if($num == 0){
    //if not display an error message
    echo "
    The Username you supplied does not exist!
    ";
    }else{
    // if there was a match continue checking

    // select all rows where the username and password match the ones submitted by the user
    $res = mysql_query("SELECT * FROM `users` WHERE `username` = '".$username."' AND `password` = '".$password."'");
    $num = mysql_num_rows($res);

    // check if there was not a match
    if($num == 0){
    // if not display error message
    echo "
    The Password you supplied does not match the one for that username!
    ";
    }else{
    // if there was continue checking

    // split all fields fom the correct row into an associative array
    $row = mysql_fetch_assoc($res);

    // check to see if the user has not activated their account yet
    if($row != 1){
    //if not display error message
    echo "
    You have not yet Activated your account!
    ";
    }else{
    // if they have log them in

    // set the login session storing there id - we use this to see if they are logged in or not
    $_SESSION = $row;

    // update the online field to 50 seconds into the future
    $time = date('U')+50;
    mysql_query("UPDATE `users` SET `online` = '".$time."' WHERE `id` = '".$_SESSION."'");

    //redirect them to the usersonline page
    echo '';
    }
    }
    }
    }
    }

    ?>

    line 15 -header.php

    
    //allow sessions to be passed so we can see if the user is logged in
    session_start();

    //connect to the database so we can check, edit, or insert data to our users table
    $con = mysql_connect('localhost', 'user', 'pass') or die(mysql_error('Could not connect.'));
    $db = mysql_select_db('y059riaj_ft', $con) or die(mysql_error('Could not connect to db.'));

    //include login.php
    //require ("./login.php");

    ?>

    Main_page.php

    	
    
    //if the login session does not exist therefore meaning the user is not logged in
    if(!$_SESSION){
    //display and error message
    echo '';
    }else{
    //otherwise continue the page

    //this is out update script which should be used in each page to update the users online time
    $time = date('U')+50;
    $update = mysql_query("UPDATE `users` SET `online` = '".$time."' WHERE `id` = '".$_SESSION."'");
    ?>

    Most of the code is identical to the code found in the tutorial, although some of it is spread out. For instance, the login can be found at the top of almost all pages, I set the login action to login.php; however, the form is in the header.php file. Thanks for the help this PHP noobie needs it!

    – Jeremy Carlsten

    #85849
    djpic
    Participant

    This error means you have already outputted echo or printed data out the the browser. The session_start() must precede ANY output to the browser.

    P.S.
    Google is your friend. If you would have googled “Cannot send session cookie – headers already sent by” you would have found the answer right away.

    #85850
    djpic
    Participant

    Also, I normally use:

    header('Location: http://websitehere.com/logout.php');

    When I am trying to redirect someone in PHP say for a bad login.

    #86769
    9mileshq
    Participant

    Try putting

    at the top of your page before any other PHP – it will clear any headers already sent so you’ll be able to redirect.

Viewing 4 posts - 1 through 4 (of 4 total)
  • The forum ‘Back End’ is closed to new topics and replies.