PHP Sessions - Warnings

Question

I asked the question "php warning - headers already sent after server move" yesterday and I have made changes since to try and fix the problem but im still not getting it!

I am working on code that has been made by another company! Im not moving the site off their server and putting it on ours but the my problem is that sessions are not working across the pages on the new server!

I am getting the warning: Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/com10002/public_html/bank/index.php:28) in /home/com10002/public_html/bank/includes/quickform.php on line 3

In my index.php

include('includes/functions.php');

$activeTab = "navhome"; 
$sent = false;

$title = (isset($_GET['title']))? mysql_real_escape_string($_GET['title']) : 'Home'; 
$title = str_replace('-',' ', $title);

if($title != '') { 

 $sql = "SELECT * 
   FROM contents 
   WHERE name LIKE '%$title%'
   LIMIT 1";

 $result = @mysql_query($sql);  
 $row = mysql_fetch_assoc($result);  
}

//Set page title
$pagetitle = (isset($row['name']) && $title != 'Home')? ucwords($row['name']) : "Bank Charges";

HTML..HEAD..META DATA AND TITLE TAGS..ECT

include('includes/header.php');

 <div class="textarea">
  <?php include('includes/rightcol.php'); ?>
  <div id="contentvideo" style="display:none;"></div>
  <h1><?=$row['h1'];?></h1>
  <h2><?=$row['h2'];?></h2>
  <?=$row['intro'];?> 

  <?php  include('includes/quickform.php');?>

  <?=$row['page_content'];?>   
 </div>

 <?php include('includes/subnav.php'); ?>

and in quickform.php

if($_POST) {
 session_start();
 $error = false; 
 $captcha = false;
 $sent = false;
etc.......

This is their code and currently works fine on the their server!

1) I have tried moving the session_start() to the top of index.php 2) Putting a session on both pages. 3) Removing white space before the session when it was in the index.php

My new version is the site is at www.compensation-claims.org/bank

Because this is not my code im not sure as to why they put the session in the quickform.php

Answer 1

Check out some of the answers listed for this question:

http://stackoverflow.com/questions/622192/php-warning-headers-already-sent-in-unknown

See if any of the gotchas mentioned there might be the case.

Answer 2

Hi,

A quick and dirty fix would be to activate output_buffering on your server, by modifying your php.ini file (and restarting Apache), setting something like this :

output_buffering=4096

The problem you have is because HTTP headers can't be sent if even only 1 character has already been sent ; by using that directive, you indicate that nothing should be sent before 4k of data have been buffered.

That's usually enough to buffer some white spaces that are present at the beginning/end of .php files, and are enough to cause that kind of trouble.

Note : this is a quick-and-dirty fix, but it might help you get the application working.

Of course, the best solution would be to remove any kind of output that is sent before calling session_start / or to move the call to session_start to the beginning of your PHP script.
One thing that often helps is to remove the closing ?> tag at the end of .php files, so you don't have any white space after it, as it doesn't exist anymore (yes, that's perfectly valid)

---

EDIT after having a second look at the given code :

In header.php :

• You are doing some output (HTML code, like the div "textarea")
• And, only then, you are starting the session with session_start
  • as some output has already been sent to the browser, the session_start cannot create the cookie, and fails.

So, you really need to move the session_start as high as possible : but it right at the beginning of index.php, for instance ; or, maybe, to get it everywhere, at the top of functions.php...

... But definitly NOT in the middle of some HTML output!

*(What I said earlier about output_buffering is probably the reason why this (not good) code worked before)*

This should solve the problem, I think...
Good luck, anyway !

Answer 3

Sounds like a UNIX character return is being sent to the browser because of how Windows handles carriage returns differently. One or more characters sent before sending headers will cause this error to occur. The alternative may be that the other server had output buffering enabled by a php.ini directive that was capturing and parsing any output before sending it to the client. This could have been the case for compression reasons. I would suggest comparing the php.ini configariton and seeing if gzip compression was enabled on the Apache server prior to the move.