Hi everyone,<br /><br />Boy, I sure hope someone out there in TCH forum land can help me. I'm a PHP newbie who is running across errors when trying to use a simple authentication script. Here's the low-down ...<br /><br />Approximately two months ago (sometime in August or early September), I installed a very simple PHP authentication script on my website, along with a dedicated MySQL database to hold user names and passwords. I created two dummy users in the database and tested the authentication script with each "user". Testing involved (1) logging in, (2) moving from page to page while in the same session, and (3) logging out. For each of the dummy users, the script worked beautifully. Since the authentication script was working, I felt safe in putting the project aside while I worked on website for my mother-in-law.<br /><br />Fast forward two months. I pick up where I left off and have done no additional work to my website nor have I modified anything since I last tested the authentication script several weeks ago. Now, however, when I try to log in using my dummy accounts, I receive PHP error messages. Clearly, something has happened since the last time I worked on my website, but I don't know what it is. (FYI -- I am the only person with access to cPanel and the file manager for my website, so there's no chance that anyone has monkeyed with the code. Plus, the current code matches a hard copy of the code that I printed once I got the authentication script to work way back then, so I am confident that nothing's going on with the code.)<br /><br />Here are the error messages I am receiving.<br /><b>Number 1</b> --<br />Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /php-bin/verifysession.php:3) in /php-bin/verifysession.php on line 4<br /><br /><b>Number 2</b> --<br />Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /php-bin/verifysession.php:3) in /php-bin/verifysession.php on line 4<br /><br />I'm really stuck and need to get this login/authentication feature working again. If anyone can tell me what's going on, I'd really appreciate it. It seems to me like it's something with PHP itself, and not necessarily my code, since the errors occur as a result of a standard PHP session function -- session_start().<br /><br />Immediately following this message, I'm including the source code for my entire PHP authentication script for your review and examination. There are three files -- (1) login.php is the main login page, (2) verifysession.php is used on each page while the user is browsing during a logged-in session, and (3) logout.php closes the session and logs the user out. Thank you in advance to anyone who can shed some light on this for me and help me figure out how to resolve this issue.<br /><br />Thanks so much!<br />Kasey<br /><br /><br /><b>LOGIN.PHP</b><br /><?php<br />// This script found at <!-- w --><a class="postlink" href="http://www.etronicscomputers.com/docs/phpforbeginners.htm">www.etronicscomputers.com/docs/phpforbeginners.htm</a><!-- w --><br /><br />// Check that form fields are not empty; redirect back to login page if any<br />// fields are empty.<br />if( empty($username) || empty($password) ){<br />header("Location: <a href="http://www.kaseyscreations.com");" target="_blank">http://www.kaseyscreations.com");</a><br />}<br /><br />else {<br /> // Convert field values to simple variables. Add slashes to the username<br />// and md5() the password.<br />$user = addslashes($_POST['username']);<br />$pass = md5($_POST['password']);<br /><br />// Retrieve the keys to unlock the database (set the database connection variables)<br />include("deliberately blacked out the location of keys");<br /><br />// Connect to the database server<br />$db = mysql_connect("$dbHost", "$dbUser", "$dbPass") or die ("Error connecting to database server.");<br /><br />// Locate and select the database to use<br />mysql_select_db("$dbDatabase", $db) or die ("Unable to locate proper database.");<br /><br />// Search for the proper username/password combo in the database<br />$result = mysql_query("select * from users where username='$user' AND password='$pass'", $db);<br /><br />// Check that at least one row was returned (i.e., there was a match)<br />$rowCheck = mysql_num_rows($result);<br /><br />// If there is a match, grant access to member's-only area<br />if ($rowCheck>0) {<br />// Start the session and register a variable<br />session_start();<br />session_register('username');<br /><br />// Redirect the user to another page where we will make sure <br />// they've logged in.<br /> echo ('<meta http-equiv="refresh" content="0;url=verifysession.php" />');<br />}<br /><br />// There was no database match. Send user back to login page.<br />else {<br />echo ("Incorrect username or password. Please click the 'Back' button and try again.");<br />header("Location: <a href="http://www.kaseyscreations.com");" target="_blank">http://www.kaseyscreations.com");</a><br />}<br />}<br />?><br /><br /><br /><b>VERIFYSESSION.PHP</b><br /><html><head><title>Logout Page</title></head><br /><body bgcolor="#DEDEBA"><br /><?php<br />session_start();<br />if (session_is_registered('username')){<br />?><br /><br />You are logged in.<br/><br /><a href=http://www.totalchoicehosting.com/forums/lofiversion/index.php/"deliberately/blacked/out/logout.php">Logout</a><br /><br /><?php<br />}<br />// The session variable is not registered. Return to login page.<br />else {<br />header("Location: <a href="http://www.kaseyscreations.com");" target="_blank">http://www.kaseyscreations.com");</a><br />}<br />?><br /></body></html><br /><br /><br /><b>LOGOUT.PHP</b><br /><html><head><title>Successful Logout</title></head><br /><body bgcolor="#DEDEBA" text="#000000"><br /><?php<br />session_start();<br />if (session_is_registered('username')) {<br /> // Session variable is registered. The user is ready to logout.<br /> session_unset();<br /> session_destroy();<br />?><br />Logout was successful.<br /><?php<br />}<br />else {<br /> // The session variable is not registered.<br /> // The user should even be on this page.<br /> header("Location: <a href="http://www.kaseyscreations.com");" target="_blank">http://www.kaseyscreations.com");</a><br />}<br />?><br /></body></html><!--content-->
I'm having a bad week, so maybe I'm just not thinking clearly.... but don't you usually get that header message when you've got some html before whatever php is trying to do? (usually it's set cookies I thought, but it might apply to sessions as well)<br /><br />I know you said that the code was working before, but try pulling your session info up above the html on those last two pages.<br /><br /><!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1--><?php<br />session_start();<br />if (session_is_registered('username')){<br />?><br /><html><head><title>Logout Page</title></head><br /><body bgcolor="#DEDEBA"><!--c2--></div><!--ec2--><!--content-->
vendlus,<br /><br />Thank you so much for your reply. I modified my code based on your suggestion, and voila' ... it works again!<br /><br />Thank you, thank you, thank you! <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/tongue.gif" style="vertical-align:middle" emoid="
" border="0" alt="tongue.gif" /> You rock!<br />Kasey<!--content-->
That's great. Glad to hear it works. You're most certainly welcome.<!--content-->
I'm having a bad week, so maybe I'm just not thinking clearly.... but don't you usually get that header message when you've got some html before whatever php is trying to do? (usually it's set cookies I thought, but it might apply to sessions as well)<br /><br />I know you said that the code was working before, but try pulling your session info up above the html on those last two pages.<br /><br /><!--c1--><div class='codetop'>CODE</div><div class='codemain'><!--ec1--><?php<br />session_start();<br />if (session_is_registered('username')){<br />?><br /><html><head><title>Logout Page</title></head><br /><body bgcolor="#DEDEBA"><!--c2--></div><!--ec2--><!--content-->
vendlus,<br /><br />Thank you so much for your reply. I modified my code based on your suggestion, and voila' ... it works again!<br /><br />Thank you, thank you, thank you! <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/tongue.gif" style="vertical-align:middle" emoid="
" border="0" alt="tongue.gif" /> You rock!<br />Kasey<!--content-->That's great. Glad to hear it works. You're most certainly welcome.<!--content-->