views:

48

answers:

6

Hey,

i've another question about web-programming.

I programmed a login script, but everytime when i try to login it says that i've send the header informations already.

Here are the 2 files:

<?php
if($_GET['logout'] == 1) {
    setcookie('authorized', 1, time()-3600);    
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"&gt;

<html xmlns="http://www.w3.org/1999/xhtml"&gt;
<head>
    <title>Login - photoAdminSite</title>
</head>

<style type="text/css"> 
    body {
    text-align: center;
    font-family: helvetica;
    }

    #loginForm {
    padding: 1em;
    background: #e3e3e3;
    width: 260px;
    margin: 3em auto 0;
    text-align: left;

    }
</style>

<body>

<div id="loginForm">
<form method="post" action="confirm_login_credentials.php">

<h2>LOGIN</h2>
<p>Username: <input type="text" name="username" /></p>
<p>Password: <input type="password" name="password" /></p>
<p><input type="submit" value="Login" name="submit" /></p>

</form>
</div>
</body>
</html>





<?php
$username = $_POST['username'];
$password = $_POST['password'];

require 'database.php';

$q = "SELECT id FROM users_photoadminsite WHERE user_name = '$username' AND password = '$password'";

$result = $mysqli->query($q) or die(mysqli_error());

if (mysqli_num_rows($result) == 1) {
    setcookie('authorized', 1, 0);
    header("Location: index.php");
} else {
    header("Location: login.php");  
}
?>

i would be really happy about some helpful answers.

+1  A: 

You might have an empty line in the beginning of that php file. Maybe space before start of PHP script

praksant
A: 

See lines 60, 61, and 63, and how they come after all your HTML? Put them before instead.

Ignacio Vazquez-Abrams
+3  A: 

Cookies and Headers must be set before any output is sent to the browser. Try moving your login script to the top of the page. You might want to also consider sanitizing your queries to prevent malicious activity.

thetaiko
there are no output's before my statement. you can see it in the code above. hmm no idea where the mistake is.
mikep
@mikep - You split up your PHP code and have output in the middle. This causes headers to be sent to the browser.
thetaiko
A: 

When PHP says it's already sent the headers, it means that some text has already been output by the script (or the script that called it). This includes any and all error messages.

When the FIRST piece of text is output by PHP it sends its headers, but not before. In order to get HTTP cookies (part of the headers) to be set, the cookies must be sent before any text is output.

What you can do is enable output buffering using ob_start, and ob_end_flush, and other output-control functions.

What you can also do is to set the php.ini variable to automatically send the cookie header when it outputs text.

amphetamachine
A: 

If you do not have output_buffering enabled in your php.ini you will get this error because it will start sending the html right away. You need to edit your php.ini to enable output buffering.

manyxcxi
A: 

Is this on Windows? Check for BOM. Open it in Notepad and save it as ANSI to see if it helps.

ZZ Coder
yes i work on windwos. But what is BOM?
mikep
BOM is ugly thing - some character that some text editors put in front of utf textfile. You should have an option to turn it on/off in your text editor.http://en.wikipedia.org/wiki/Byte_order_mark
praksant
If you save file as UTF-8 or Unicode on Windows, BOM is added to the beginning. It's not visible to naked eyes but it still generate output in PHP. Just open the file in Notepad, click Save As and select "ANSI" as encoding. That should remove the BOM.
ZZ Coder