-2

Possible Duplicate:
php headers already sent error

I have attached my code which am using for a very basic login in php. It giving an error

Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\netsentries\f\includes\functions.php:1)

   <?php 
    if (!isset($_POST['username'])) {
    ?>
    <h3>Login</h3>
    <form action="" method="post">
    Username<br/>
    <input name="username" type="text" /><br/>
    Password<br/>
    <input name="password" type="password" /><br/>
    <input name="" type="submit" /><br/>
    </form>
    <?php
    }
     else 
    { 
    include('includes/config.php');

    $data['username']= $_POST['username'];
    $data['password']= md5($_POST['password']);

    connect($db_name,$db_user,$db_pass,$db_host);

    $query= "select * from user where username='" . $data['username'] . "' AND password='" . $data['password'] . "'";

        $result=mysql_query($query);
        //check that at least one row was returned
        $rowCheck = mysql_num_rows($result);
        if($rowCheck > 0)
        {
        while($row = mysql_fetch_array($result))
            {
            session_start();
            session_register($data['username']);
            //successful login code will go here...
            //echo 'Logged in!'; 
            }
        }
        else
        {
        echo "Failed!";
        }



    }
    ?>

Am not able to find out the problem

Community
  • 1
  • 1
esafwan
  • 14,622
  • 30
  • 99
  • 154

6 Answers6

3

You can't session_start after you've outputted any HTML at all. Move the session_start call up to the top, and keep a variable for what to echo later. Anything not in <?php ?> counts, even your include file.

Ry-
  • 199,309
  • 51
  • 404
  • 420
2

You need to put session_start() before anything outputs on the page.

 <?php
session_start(); 
if (!isset($_POST['username'])) {
?>
<h3>Login</h3>
<form action="" method="post">
Username<br/>
<input name="username" type="text" /><br/>
Password<br/>
<input name="password" type="password" /><br/>
<input name="" type="submit" /><br/>
</form>
<?php
}
 else 
{ 
include('includes/config.php');

$data['username']= $_POST['username'];
$data['password']= md5($_POST['password']);

connect($db_name,$db_user,$db_pass,$db_host);

$query= "select * from user where username='" . $data['username'] . "' AND password='" . $data['password'] . "'";

    $result=mysql_query($query);
    //check that at least one row was returned
    $rowCheck = mysql_num_rows($result);
    if($rowCheck > 0)
    {
    while($row = mysql_fetch_array($result))
        {
        session_register($data['username']);
        //successful login code will go here...
        //echo 'Logged in!'; 
        }
    }
    else
    {
    echo "Failed!";
    }



}
?>
stefgosselin
  • 8,696
  • 5
  • 38
  • 63
2

If you were trying to use any function that modifies the header (like header or session_start), you need to make sure that nothing was outputting beforehand, even whitespace -- or else you will get that error.

Naftali aka Neal
  • 138,754
  • 36
  • 231
  • 295
2

Halfway down you're having

session_start();

But you don't want any output before that. And you have -in the very least- this allready sent:

   <h3>Login</h3>
    <form action="" method="post">
    Username<br/>
    <input name="username" type="text" /><br/>
    Password<br/>
    <input name="password" type="password" /><br/>
    <input name="" type="submit" /><br/>
    </form>

PUt the session on the top :D

Nanne
  • 61,952
  • 16
  • 112
  • 157
1
include('includes/config.php');

look for white space in that file.

in particular after the ?> at the end of the file there is often white space.

so omit the closing ?> at the end of your files.

Gidon Wise
  • 1,868
  • 1
  • 11
  • 10
0

Make sure there is absolutely nothing being output before your session call - even whitespace. (See Pekka's comment :) )

marramgrass
  • 1,411
  • 12
  • 17