-1

Locally, I am not having any issue - but on a client machine these warnings are appearing. In light of this, I placed my session start right at the beginning of my files - it appears like this :

<!<?php session_start();
if(!isset($_SESSION["loggedin"]))

Notice the <! this is used as a flag for DW that the template begins so I must have this right before the session start.

Therefore, is there any way to resolve this issue and stop these warnings. Or is it something deeper, like the way I'm handling the cookies/session. I put the above code at the start of each page that is protected. However, once the user logs in I set $_SESSION as follows.

   session_start();
    $_SESSION['user'] = $user;
    $_SESSION['password'] = $password;
    $_SESSION['loggedin'] = "true";
    header("location:index.php"); //redirect to main page

Please advise.

user2646567
  • 43
  • 10
  • 2
    Your code in the question includes a `<!` before you call session start? Is that a typo when you entered it here? – andrewsi Aug 09 '13 at 19:38
  • `Notice the <! this is used as a flag for DW that the template begins so I must have this right before the session start.` – Jason Swett Aug 09 '13 at 19:39
  • possible duplicate of [Headers already sent by PHP](http://stackoverflow.com/questions/8028957/headers-already-sent-by-php) – deceze Aug 09 '13 at 19:39
  • @andrewsi if you did read the question, it's explained. But is nonsense, IMHO. There's no way of keeping this, just remove this template tag when deploying the code. – lsouza Aug 09 '13 at 19:40
  • What is DW? `session_start()` craps out if there's anything being output before it, so if your file needs to start with `<!`, that seems like kind of a catch-22. If possible, I would design it in such a way that you don't have to have the `<!`. Seems like an odd requirement. – Jason Swett Aug 09 '13 at 19:40
  • Yeah, I missed that part. I either need more coffee or to head home. – andrewsi Aug 09 '13 at 19:40
  • DW is Dreamweaver - it's the template system that it uses. The template allows me quickly change all my pages at once by making changes to a template only. But I suppose templates aren't compatible with sessions in that case... – user2646567 Aug 09 '13 at 19:43
  • Try `echo '<!';` just after ` – Luc M Aug 09 '13 at 19:50

2 Answers2

1

This <!<?php session_start(); is incorrect, because <! counts as output before PHP headers.

<!<?php session_start();
if(!isset($_SESSION["loggedin"]))

Should read as: (correct)

<?php session_start();
if(!isset($_SESSION["loggedin"]))

Incorrect: 

(space)<?php session_start();
if(!isset($_SESSION["loggedin"]))

Incorrect: 

(space)
(space)<?php session_start();
if(!isset($_SESSION["loggedin"]))

Incorrect: 

(HTML)<?php session_start();
if(!isset($_SESSION["loggedin"]))

Footnote: It is good form to leave off the closing php tag on class files for this reason. It prevents the inadvertent inclusion of white-space after an included file.

Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
0

I'm not sure why DW would require for you to put characters at the beginning of a php file. If output is created (including whitespace) before calling session_start() then php will complain the headers have already been sent. In other words, you can't type anything outside php tags before a session_start call, and you can't do echo / print calls before a session_start.

It's also the reason why it is good practice not to end a php file with the tag ?> so not to create whitespace output accidentally.

If locally DW somehow strips those tags you could verify that this is not happening on the client machine because you would see a

Joe Minichino
  • 2,793
  • 20
  • 20