headers already sent while starting session

Question

When running my php code the following errors appear:

    Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/chatvik/public_html/control.php:2) in /home/chatvik/public_html/control.php on line 5

    Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/chatvik/public_html/control.php:2) in /home/chatvik/public_html/control.php on line 5

What's wrong and how to fix it? Here is the code, i have deleted the real db usernames and passwords for sequrity reasons, thanks for your help:

<?php

/*** begin our session ***/
session_start();

/*** check if the users is already logged in ***/
if(isset( $_SESSION['user_id'] ))
{
$message = 'Users is already logged in';
}
/*** check that both the username, password have been submitted ***/
if(!isset( $_POST['username'], $_POST['password']))
{
$message = 'Please enter a valid username and password';
}
/*** check the username is the correct length ***/
elseif (strlen( $_POST['username']) > 20 || strlen($_POST['username']) < 4)
{
$message = 'Incorrect Length for Username';
}
/*** check the password is the correct length ***/
elseif (strlen( $_POST['password']) > 6 || strlen($_POST['password']) < 4)
{
$message = 'Incorrect Length for Password';
}
/*** check the username has only alpha numeric characters ***/
elseif (ctype_alnum($_POST['username']) != true)
{
/*** if there is no match ***/
$message = "Username must be alpha numeric";
}
/*** check the password has only alpha numeric characters ***/
elseif (ctype_alnum($_POST['password']) != true)
{
    /*** if there is no match ***/
    $message = "Password must be alpha numeric";
}
else
{
/*** if we are here the data is valid and we can insert it into database ***/
$phpro_username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
$phpro_password = filter_var($_POST['password'], FILTER_SANITIZE_STRING);

/*** connect to database ***/
/*** mysql hostname ***/
$mysql_hostname = 'localhost';

/*** mysql username ***/
$mysql_username = 'xxxxxxx_usr';

/*** mysql password ***/
$mysql_password = 'xxxxxxx';

/*** database name ***/
$mysql_dbname = 'xxxxxxx_usr';

try
{
    $dbh = new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password);
    /*** $message = a message saying we have connected ***/

    /*** set the error mode to excptions ***/
    $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

    /*** prepare the select statement ***/
    $stmt = $dbh->prepare("SELECT phpro_user_id, phpro_username, phpro_password FROM phpro_users 
                WHERE phpro_username = :phpro_username AND phpro_password = :phpro_password");

    /*** bind the parameters ***/
    $stmt->bindParam(':phpro_username', $phpro_username, PDO::PARAM_STR);
    $stmt->bindParam(':phpro_password', $phpro_password, PDO::PARAM_STR, 40);

    /*** execute the prepared statement ***/
    $stmt->execute();

    /*** check for a result ***/
    $user_id = $stmt->fetchColumn();

    /*** if we have no result then fail boat ***/
    if($user_id == false)
    {
            $message = 'Login Failed';
    }
    /*** if we do have a result, all is well ***/
    else
    {
            /*** set the session user_id variable ***/
            $_SESSION['user_id'] = $phpro_username;

            /*** tell the user we are logged in ***/
            header('Location:sucsess.htm');
    }


}
catch(Exception $e)
{
    /*** if we are here, something has gone wrong with the database ***/
    $message = 'We are unable to process your request. Please try again later"';
}
}
?>

Sorry for asking this. I'm directly BAD at php so i'm glad you are helping me Thanks for the help

score 0 · Answer 1 · answered Sep 26 '13 at 14:21

0

Have you tried knocking out the whitespace - the crlfs at 2 and 5 - to see if that's being sent across?

answered Sep 26 '13 at 14:21

gedq

609
9
20

NDM · Accepted Answer · 2013-09-26T14:30:06.957

0

Make sure there is no whitespace before <?php.

your error says session_start() is on line 5, but in the given code it's on line 4, is there an empty line at the beginning of the file?

edit

For the "not redirecting correctly" error:

header('Location:sucsess.htm');
// shouldn't this be?
header('Location: success.htm');
       add space ^   ^ typo fix

edited Sep 26 '13 at 14:30

answered Sep 26 '13 at 14:23

NDM

6,731
3
39
52

Works, but i'm not beiing redirected to the right place after that... – user2818691 Sep 26 '13 at 14:25
I've updated my answer with a possible solution – NDM Sep 26 '13 at 14:28
The typo should be there – user2818691 Sep 26 '13 at 14:31

score -2 · Answer 3 · answered Sep 26 '13 at 14:20

-2

Try adding.... <?php ob_start(); ?> in the beginning and <?php ob_flush(); ?> at the end

answered Sep 26 '13 at 14:20

Vishal Chawla

53
1
6

This is not a solution, it's a workaround, and not a very good one at that... – NDM Sep 26 '13 at 14:21
Better but does not redirect me to the right place – user2818691 Sep 26 '13 at 14:22

headers already sent while starting session

3 Answers3