I am currently creating a login system authentication using A.M.P combination and when I get to login page and submit my username and password, the database sees my authentication, but when it redirect to the page requested, there is error occured which is:

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\webroot\inventory_system\LoginFrames.php:2) in C:\webroot\inventory_system\LoginFrames.php on line 4

Below is the admin_login.php code:

<?php
ob_start();
session_start();
$_SESSION['logged']=0;
//connect to server and select database
include "conn.inc.php";

//check for required fields from the form
if((!$_POST['username']) || (!$_POST['password']))
{ header("Location: index.php");
    exit;
}

//create and issue the query
if (isset($_POST['Submit'])) {
$query = "SELECT admin_id, admin_password FROM admin WHERE admin_id = '" . $_POST['username'] . "' " .
"AND admin_password = '" . $_POST['password'] . "'";

$result = mysql_query($query) or die(mysql_error());
  $row = mysql_fetch_array($result);

//get the number of rows in the result set; should be 1 if match
if (mysql_num_rows($result) == 1)
{
    $_SESSION['user_logged'] = $_POST['username'];
    $_SESSION['user_password'] = $_POST['password'];
    $_SESSION['logged']=1;

    $redirect = $_SERVER['PHP_SELF'];
    header ("Refresh: 5; URL=LoginFrames.php?redirect=$redirect");
    echo "You are being redirected to your original page request!<br>";
  } else {
  ob_end_flush();
?>
<html>
<head>
<title>Admin Login</title>
</head>
<body>
<p>
  <strong>Invalid Username and/or Password</strong><br>
  <form action="admin_login.php" method="post">

    Admin ID: <input type="text" name="username"><br>
    Password: <input type="password" name="password"><br><br>
    <input type="submit" name="Submit" value="Login">
  </form>
</p>
</body>
</html>
<?php
  }
}
?>

And the requested page-> LoginFrames.php code:

<?php
ob_start();
session_start();

if ((isset($_SESSION['admin_logged']) && $_SESSION['admin_logged']!= "") ||
   (isset($_SESSION['admin_password']) && $_SESSION['admin_password'] != "")) {
      include "LoginFrames.php";
}
else {
      echo "<P>You are UNAUTHORIZED to access this page! Please login.</p>";
    ob_end_flush();
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Center For Information Technology Services (CITS)</title>
</head>

<frameset rows="230,*" cols="*" frameborder="NO" border="0" framespacing="0">
  <frame src="LoginFrame_top.php" name="topFrame" scrolling="NO" noresize>
  <frameset rows="*" cols="221,*" framespacing="0" frameborder="NO" border="0">
    <frame src="LoginFrame_left.php" name="leftFrame" scrolling="NO" noresize>
    <frame src="LoginFrame_centre.php" name="mainFrame">
  </frameset>
</frameset>
<noframes><body>
</body></noframes>
</html>



Thanks in advance to anybody who may help..