How do i solve the headers allready sent issue

Question

When i test out my script i get this error

Warning: Cannot modify header information - headers already sent by (output started at /nfs/c06/h04/mnt/153892/domains/authomotive.com/html/artpoint/gallery/index.php:12) in /nfs/c06/h04/mnt/153892/domains/authomotive.com/html/artpoint/gallery/main.php on line 17

wich ofcourse we all know I removed all the spaces in the other files and add ob_start() and ob_flush() to the files what can i do more? do I have to just find another way to send the headers or is there another way to bypass this warning?

the script removes a file from my database and my maps.

source of main.php

<?php 
ob_start();
    if(isset($_GET['remove'])){
        $id=$_GET['id'];
        include('conf.php');
        require_once('classes/db.class.php');
        $db = new DB($db_name,$db_host,$db_user,$db_passw);
        $q = $db->query('SELECT photourl,minurl,projectID FROM photo WHERE id='.$id);
            while ($line = $db->fetchNextObject()) {
                $file = $line->photourl;
                unlink($file);
                $filemin = $line->minurl;
                unlink($filemin);
            }
        //$db->execute('DELETE FROM project WHERE id='.$line->projectID,true);
        $db->execute('DELETE FROM photo WHERE id='.$id);
        header("Location:index.php");
    }
    if(isset($_GET['success'])){
        echo('het werkt');
    }
    ob_flush();
?>
<h1> Projecten </h1>

<ul id="edit-menu">
    <li>
        <ul>
            <li><a class="addPro" href="#"><img src="images/addProject.png" /></a></li><br/>
            <li><a class="add" style="padding-left:15px"href="#">Project +</a></li>
        </ul>

    </li>
    <li>
        <ul>
            <li><a class="addPho" href="#"><img src="images/add.png" /></a></li><br/>
            <li><a class="add" href="#">Toevoegen </a></li>
        </ul>
    </li>


    <li>
        <ul>
            <li><a class="deletePho" href="#"><img src="images/delete.png" /></a></li><br/>
            <li><a href="#">Verwijderen </a></li>
        </ul>
    </li>
    <div id="addproject">
        <?php include('addproject.php'); ?>
    </div>
    <div id="addphoto">
        <?php include('addphoto.php'); ?>
    </div>
    <div id="deletephoto">
        <?php include('removePhoto.php'); ?>
    </div>
</ul>

By the way: You have terrible security lags in your SQL-Query... google for sql-injection and escape your query-parameters! — mineichen, Nov 19 '12 at 22:14
Please read about [SQL Injection](http://php.net/manual/en/security.database.sql-injection.php) and update your code accordingly. — Jason McCreary, Nov 19 '12 at 22:14
And I know that the security is incorrect ... I'm just testing out the script — KrisTemmerman, Nov 19 '12 at 22:18
You include and require some files. Do they contain output? Do you close your ' ? — mineichen, Nov 19 '12 at 22:19
I think youre probably getting error output which is the problem... If your DB class is based on PDO then this line is probably wrong: `$db->execute('DELETE FROM photo WHERE id='.$id);` it shoudl be something like: `$stmt = $db->prepare('DELETE FROM photo WHERE id = ?'); $stmt->execute(array($id));` — prodigitalson, Nov 19 '12 at 22:19
@prodigitalson the query works perfectly , the records get deleted accordingly — KrisTemmerman, Nov 19 '12 at 22:20
"I know the security is wrong; I'm just testing something..." -- be very wary of this attitude: Proof of concept programs have an alarming habit of turning into production systems without the developer having time to clean up the code. — Spudley, Nov 19 '12 at 22:24

score 2 · Answer 1 · answered Nov 19 '12 at 22:20

Very often, this issue is caused by blank lines at either the start of end of the file, outside the <?php ... ?> tags. These blank lines are interpreted by PHP as being part of the (HTML) content that needs to be output.

In the case of the main PHP file, it obviously only applies to the start of the file, but with included files, blank lines at either end of them can cause output to occur, and thus your header() call to fail.

Of course, any other output they generate will also have the same effect, but blank lines are easily the most common cause for people to get this problem without being able to work out what content is causing it, because it's not obvious, and because it's difficult to spot a single stray blank line when you view the source to work out what's happening.

You should check all PHP files loaded by your program to ensure that the don't output anything. Specifically check the start and end of the files to ensure that there aren't any blank lines there.

Hope that helps.

score 1 · Answer 2 · edited May 23 '17 at 12:27

What is most likely happening here is that the file being executed is index.php, which is using include('main.php');. But if index.php already sent some data before including main.php, then you're going to have trouble changing your headers.

index.php might have some blank lines that are being echoed. That's really easy to overlook.

Also, this is incredibly unsafe:

$db->execute('DELETE FROM photo WHERE id='.$id);

Web security rule #1: Never trust the client.

score 0 · Answer 3 · answered Nov 19 '12 at 22:16

0

You can't use header after html output or echo. you can still use meta or javascript redirection.

answered Nov 19 '12 at 22:16

mbouzahir

1,424
13
16

How do i solve the headers allready sent issue

3 Answers3