Wrox Programmer Forums
Go Back   Wrox Programmer Forums > PHP/MySQL > Pro PHP
|
Pro PHP Advanced PHP coding discussions. Beginning-level questions will be redirected to the Beginning PHP forum.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Pro PHP section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old April 27th, 2005, 06:02 PM
Registered User
 
Join Date: Apr 2005
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Default Problem with session_start()

I am using PHP with mySQL to allow users to login. I am using $_SESSION[] to pass variables such as there username, password, as well as the standard.

The script works fine for the first page but on my second page I get the following errors:

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at \\brink-premfs1\sites\premium3\exitcharde\webroot\forum\my Posts.php:1) in \\brink-premfs1\sites\premium3\exitcharde\webroot\forum\ch eck_login.php on line 2

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at \\brink-premfs1\sites\premium3\exitcharde\webroot\forum\my Posts.php:1) in \\brink-premfs1\sites\premium3\exitcharde\webroot\forum\ch eck_login.php on line 2

I know that I need to have session_start() before anything is outputted. I don't think that is the issue. I can't seem to figure out why else I would get these messages though.

Here is my code:
----------------------------------------------------------------------------
Script from page giving errors (myPosts.php)
----------------------------------------------------------------------------
<?php
require 'connect.php';

if ($logged_in == 0) {
    die('Sorry you are not logged in. <a href="login.php" target="_parent">Click here</a> to log in.');
}
?>
<!--
<HTML>
<HEAD>......Content.....

----------------------------------------------------------------------------
connect.php
----------------------------------------------------------------------------
<?php

$conn = new COM('ADODB.Connection');
$conn->Open("DRIVER={MySQL ODBC 3.51 Driver}; SERVER=mysql2.brinkster.com;DATABASE=exitcharde;UI D=exitcharde;PWD=joecharde;");

include('check_login.php');
?>
----------------------------------------------------------------------------
check_login.php
----------------------------------------------------------------------------

<?php
session_start();

if (!isset($_SESSION['userName']) || !isset($_SESSION['password'])) {
    $logged_in = 0;
    return;
} else {
    if(!get_magic_quotes_gpc()) {
        $_SESSION['userName'] = addslashes($_SESSION['username']);
    }


    // addslashes to session username before using in a query.
    $result = @$conn->Execute("SELECT password FROM users WHERE username = '".$_SESSION['userName']."'") or die('Database Error. Please Try Again');

    if($result->EOF){
        $logged_in = 0;
        unset($_SESSION['userName']);
        unset($_SESSION['password']);
    }

    $ret_pass = stripslashes($result->fields[0]->value);
    $_SESSION['password'] = stripslashes($_SESSION['password']);



    //compare:



    if($_SESSION['password'] == $ret_pass) {
        // valid password for username
        $logged_in = 1;
    } else {
        $logged_in = 0;
        unset($_SESSION['userName']);
        unset($_SESSION['password']);
        // kill incorrect session variables.
    }
}


// clean up
unset($ret_pass);

$_SESSION['userName'] = stripslashes($_SESSION['userName']);

?>
----------------------------------------------------------------------------
login.php
----------------------------------------------------------------------------

<?php

// database connect script.

require 'connect.php';

if($logged_in == 1) {
    echo ;
    die('<html><head><title>Login</title><SCRIPT LANGUAGE = "JavaScript">function getURL() {var url = "http://www.askmeaboutexit.com/forum/";parent.window.location.href= url} </SCRIPT></head><html><body onload="javascript: getURL()">'.$_SESSION['name'].', You are already logged in.');

}


?>
<html>
<head>
<title>Login</title>
<SCRIPT LANGUAGE = "JavaScript">

function getURL() {
var url = 'http://www.askmeaboutexit.com/forum/';
parent.window.location.href= url

}


</SCRIPT>
</head>

<?php

if (isset($_POST['submit'])) { // if form has been submitted


    /* check they filled in what they were supposed to and authenticate */
    if(!$_POST['userName'] | !$_POST['password']) {
        die('You did not fill in a required field. <a href="login.php" target="_parent">Click here</a> to return to Login.');
    }

    // authenticate.

    if (!get_magic_quotes_gpc()) {
        //$_POST['userName'] = addslashes($_POST['userName']);
    }

    $check = $conn->Execute("SELECT first, userName, password, login_count FROM users WHERE userName = '".$_POST['userName']."'");

    if($check->EOF){
        die('That Username Does Not Exist In Our System. <a href="login.php" target="_parent">Click here</a> to return to Login.');
    }


    // check passwords match

    $_POST['password'] = stripslashes($_POST['password']);
    $ret_pass = stripslashes($check->fields[2]->value);
    $_POST['password'] = /*md5(*/$_POST['password'];

    if ($_POST['password'] != $ret_pass) {
        die('Incorrect password, please try again.');
    }

    // if we get here username and password are correct,
    //register session variables and set last login time.
    $count = $check->fields[3]->value;
    $count = $count+1;
    $date = date('H:i M d, Y');

    $update_login = $conn->Execute("UPDATE users SET login_count='".$count."', last_login = '".$date."' WHERE username = '".$_POST['userName']."'");

    $_POST['userName'] = stripslashes($_POST['userName']);
    $_SESSION['userName'] = $_POST['userName'];
    $_SESSION['password'] = $_POST['password'];
    $_SESSION['name'] = stripslashes($check->fields[0]->value);
    $logged_in = 1;


?>
<body onload="javascript: getURL()">
<h1>Logged In</h1>
<p>Welcome back <?php echo $_SESSION['name']; ?>, you are currently logged in.</p>

<?php

} else { // if form hasn't been submitted

?>
<h1>Login</h1>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
  <tr>
    <td align="right">User Name:</td>
    <td ><input name="userName" type="text" size="25"></td>
  </tr>
  <tr>
    <td align="right">Password:</td>
    <td><input name="password" type="password" size="25"></td>
  </tr>
  <tr>
    <td></td>
    <td align="right"><input name="submit" type="submit" value="Login"></td>
  </tr>
</table>
</form>
<?php
}
?>
</body>
</html>
----------------------------------------------------------------------------


Again...All of this works for the first page (index.php) which starts just like myPosts.php


----------------------------------------------------------------------------
index.php
----------------------------------------------------------------------------
<?php

require 'connect.php');

if ($logged_in == 0) {
    die('Sorry you are not logged in. <a href="login.php" target="_parent">Click here</a> to log in.');
}


?>
<HTML>
<HEAD>...........content............
----------------------------------------------------------------------------

Any help you can give would be great!

justinr@charde.com
 
Old April 28th, 2005, 07:45 AM
Friend of Wrox
 
Join Date: Jun 2003
Posts: 101
Thanks: 0
Thanked 1 Time in 1 Post
Send a message via AIM to Moharo
Default

howdy sir

this error occurs only if you have some output to a browser before session_start() is invoked. if you don't have anything like that, that means that the code you have, has created an output. display the page and click "view source" to see if there's anything before the error you have.... peace

www.campusgrind.com - college portal
 
Old April 28th, 2005, 09:14 AM
richard.york's Avatar
Wrox Author
 
Join Date: Jun 2003
Posts: 1,706
Thanks: 0
Thanked 6 Times in 6 Posts
Default

Cross-post with: http://p2p.wrox.com/topic.asp?TOPIC_ID=29829
Post replies there.

Please do not cross-post.

Regards,
Rich

--
[http://www.smilingsouls.net]
Mail_IMAP: A PHP/C-Client/PEAR solution for webmail
Author: Beginning CSS: Cascading Style Sheets For Web Design
 
Old April 28th, 2005, 12:08 PM
Registered User
 
Join Date: Apr 2005
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I posted in 3 topics and still didn't get answers...This forum sucks. http://forums.devnetwork.net/ is much better

By the way...I figured out what was wrong. Something to do with Dreamweaver giving out hidden chars. I recreated the file in notepad and it works fine.

 
Old April 29th, 2005, 12:31 AM
Friend of Wrox
 
Join Date: Aug 2004
Posts: 117
Thanks: 0
Thanked 2 Times in 2 Posts
Default

hi

----------------------------------------------------------------------------
connect.php
----------------------------------------------------------------------------
<?php

$conn = new COM('ADODB.Connection');
$conn->Open("DRIVER={MySQL ODBC 3.51 Driver}; SERVER=mysql2.brinkster.com;DATABASE=exitcharde;UI D=exitcharde;PWD=joecharde;");

include('check_login.php');

instad of include() try to use require('check_login.php')
and let me know if it works.
because i had the same problem and I fixed it by changing them


 
Old June 10th, 2005, 01:53 PM
Registered User
 
Join Date: May 2005
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to ricacasc Send a message via Yahoo to ricacasc
Default

i think that you should to try this locate the session_name and session_start hear.

<?php
session_name("login");
session_start();

$conn = new COM('ADODB.Connection');
$conn->Open("DRIVER={MySQL ODBC 3.51 Driver}; SERVER=mysql2.brinkster.com;DATABASE=exitcharde;UI D=exitcharde;PWD=joecharde;");

include('check_login.php');
?>

--check_login.php -------
with out session_start in this file, because the best is that you always use this at the beginning of code

<?php
if (!isset($_SESSION['userName']) || !isset($_SESSION['password'])) {
    $logged_in = 0;
    return;
} else {
    if(!get_magic_quotes_gpc()) {
        $_SESSION['userName'] = addslashes($_SESSION['username']);
    }


    // addslashes to session username before using in a query.
    $result = @$conn->Execute("SELECT password FROM users WHERE username = '".$_SESSION['userName']."'") or die('Database Error. Please Try Again');

    if($result->EOF){
        $logged_in = 0;
        unset($_SESSION['userName']);
        unset($_SESSION['password']);
    }

    $ret_pass = stripslashes($result->fields[0]->value);
    $_SESSION['password'] = stripslashes($_SESSION['password']);



    //compare:



    if($_SESSION['password'] == $ret_pass) {
        // valid password for username
        $logged_in = 1;
    } else {
        $logged_in = 0;
        unset($_SESSION['userName']);
        unset($_SESSION['password']);
        // kill incorrect session variables.
    }
}


// clean up
unset($ret_pass);

$_SESSION['userName'] = stripslashes($_SESSION['userName']);

?>








Similar Threads
Thread Thread Starter Forum Replies Last Post
Warning: session_start(): tanybrw989 Beginning PHP 9 May 10th, 2009 06:16 PM
session_start() changusee2k PHP How-To 2 February 11th, 2006 05:32 AM
Problem with session_start() jmrdeuce32 Beginning PHP 4 May 8th, 2005 05:09 PM
Problem with Session_Start() jmrdeuce32 PHP How-To 2 April 29th, 2005 12:32 AM
session_start() problem cfemocha BOOK: Beginning PHP, Apache, MySQL Web Development ISBN: 978-0-7645-5744-6 1 September 28th, 2004 08:44 AM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.