0

Showing Error

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/content/82/11942882/html/praveen/Allyface/index.php:8) in /home/content/82/11942882/html/praveen/Allyface/index.php on line 11

Warning: session_start() [function.session-start]: Cannot send session cache limiter - >headers already sent (output started at >/home/content/82/11942882/html/praveen/Allyface/index.php:8) in >/home/content/82/11942882/html/praveen/Allyface/index.php on line 11

index.php

<?php
//simple PHP login script using Session
//start the session * this is important
session_start();

//login script
if(isset($_REQUEST['ch']) && $_REQUEST['ch'] == 'login'){

//give your login credentials here
if($_REQUEST['uname'] != '' && $_REQUEST['pass'] != '')
{
    $email=$_REQUEST['uname'];
    $pass=$_REQUEST['pass'];
    //echo $email.$pass;
    include("db.php");
mysql_query("select * from users where email='$email' and pass='$pass' ");
if(mysql_affected_rows()>0)
{

$_SESSION['login_user'] = $email;
}
else
{
    $_SESSION['login_msg'] = 1;

}
}
else
$_SESSION['login_msg'] = 1;
}

//get the page name where to redirect
if(isset($_REQUEST['pagename']))
$pagename = $_REQUEST['pagename'];

//logout script
if(isset($_REQUEST['ch']) && $_REQUEST['ch'] == 'logout'){
unset($_SESSION['login_user']);
header('Location:index.php');
}
if(isset($_SESSION['login_user'])){
if(isset($_REQUEST['pagename']))
{
?>
//header('Location:'.$pagename.'.php');
<script type="text/javascript">
self.location='<?php echo $pagename.'.php';  ?>';
 </script>
<?php
}
else
{
$email=$_REQUEST['uname'];
?>
   <script type="text/javascript">
    self.location='<?php echo 'home.php';  ?>';
     </script>
    <?php
    }
//header('Location:home.php');
}else{
?>


  <form id="" name="form1" method="post" action="">
  <table width="452" border="0">
    <tr>
      <td width="172">  <input name="uname" type="text" style="margin-top:15px;     width:150px; height:22px;   border:1px solid #CCCCCC; padding-left:30px;" placeholder="Email or Phone" />
</td>
      <td width="177">    <input name="pass" type="password" style=" margin-top:15px;   width:150px; height:22px;   border:1px solid #CCCCCC; padding-left:30px;"   placeholder="Password" />
</td>
      <td width="81"><input name="login" type="submit" style=" margin-top:15px; background-color:#FFFF00;background-color: #fdd922; margin-left:30px;
border: 1px solid #e0bc27; font-weight:bold;
border-radius: 2px 2px 2px 2px; height:25px; font-family:Verdana, Arial, Helvetica,       sans-serif; font-size:12px;  color: #565656;" placeholder="login" value="Login" /></td>
    </tr>
    <tr>
      <td colspan="3"><?php
//display the error msg if the login credentials are wrong!
if(isset($_SESSION['login_msg'])){
echo '<div style="font-family:Verdana, Arial, Helvetica, sans-serif; font-size:12px;      color:#F00;">Wrong username and password !</div>';
unset($_SESSION['login_msg']);
}
?>    </td>
      </tr>
  </table>



  <input type="hidden" name="ch" value="login">
  </form>
  </div>
  <?php } 

?>

home.php

<?php 
session_start();

//check logged in or not!
if(!isset($_SESSION['login_user'])){
    ?>
//header('Location:index.php?pagename='.basename($_SERVER['PHP_SELF'], ".php"));

<script type="text/javascript">
self.location='<?php echo 'index.php?pagename='.basename($_SERVER['PHP_SELF'],".php"); ?    >';
 </script>
<?php
}
else
{
    include("db.php");
$uname=$_SESSION['login_user'];

$q=mysql_query("select * from users where email = '$uname'");
while($r=mysql_fetch_array($q))
{
$uid=$r['fname'];

?>

Please Help me Thanks in advance

Praveen V R
  • 21
  • 5
  • Your code is vulnerable to SQL injections. You should read on [how to prevent them in PHP](http://stackoverflow.com/q/60174/53114). – Gumbo Mar 22 '14 at 17:46
  • The error means there is output before you are starting the session. It could be a space or new line. – mathius1 Mar 22 '14 at 17:46
  • @mathius1 the code doesn't seems to have any new-line or output before session starts – Umair Ayub Mar 22 '14 at 18:31

3 Answers3

0

Make sure there is no data sent by the server before dealing with Sessions. This includes White Spaces, Blank Lines or any type of data.

code2be
  • 1,311
  • 1
  • 10
  • 15
0

The point where output started is shown in the error message:

output started at /home/content/82/11942882/html/praveen/Allyface/index.php:8

It seems you have a "dispatcher" index.php, which loads other php files (like login.php). The reason for this error is something being printed in index.php on line 8.

If you see nothing printed on index.php, then there might be a newline at the end of file (if you are using Vi, it leaves a trailing new line on every file)

mesutozer
  • 2,809
  • 1
  • 10
  • 13
  • sorry it's my mistake ... not login.php ... page name was index.php – Praveen V R Mar 22 '14 at 18:03
  • Then I guess the code snippet for index.php here is not the one you encountered the error with. Because there is nothing wrong here on line 8 that might cause this issue – mesutozer Mar 22 '14 at 18:13
  • Error with index.php is okey ... but .. session not starting .. I think that's why the home page is redirect to the index page – Praveen V R Mar 22 '14 at 18:15
  • it cannot be ok, it is just hidden – mesutozer Mar 22 '14 at 18:15
  • Ohhhh ..:( .. then what should I do ..?? – Praveen V R Mar 22 '14 at 18:18
  • In the error message it is stated that session_start is on line 11 and output started on line 8. In given code snippet session_start is on line 4. This inconsistency shows this code snippet is not the one you had the error. I understand you might have modified code before posting here but I need to see what is on line 8 to find out the problem – mesutozer Mar 22 '14 at 18:28
0

It's not possible to set cookies (or send any other headers) after output is started. You could add

ob_start()

at line 1 to buffer the output.

Umair Ayub
  • 13,220
  • 12
  • 53
  • 124