Cannot modify header information - headers already sent

Question

I know that this is well known problem but I've tried all solutions with no avail :(

Here is my code:

<?php
ob_start();
if (!empty($_POST)) { // if submit
    $username = $_POST['username'];
    $userpass = $_POST['userpass'];

    mysql_connect('localhost', 'root', 'root') or die(mysql_error());
    mysql_select_db('ita4') or die($connection_error);

    function login($username, $userpass) {
        $sqlQuery = "SELECT COUNT(userid) FROM users WHERE name='$username' AND password='$userpass' AND admin='t'";
        $runQuery = mysql_query($sqlQuery);    
        return (mysql_result($runQuery, 0) == 1) ? TRUE : FALSE; 
    }

    if(login($username, $userpass)) {
        setcookie("username", $username, time()+60*60*24*30);
        $_COOKIE['username'] = $username;
        echo "Me:".$_COOKIE['username'];
        //echo "<script> location.replace('done.html'); </script>";
    } else {
        echo "<script> alert('Your input data is not found!'); </script>";
    }

}
?>
<html>

<head>
    <title>Login</title>
    <link rel="stylesheet" type="text/css" href="style.css">
    <meta http-equiv=content-type content="text/html; charset=UTF-8"/>
</head>

<body>

<div id="upper">
<a href="index.html">Home</a> &nbsp;•&nbsp; <a href="login.html">Login</a> &nbsp;•&nbsp; <a href="about.html">About</a>

</div>
<div id="container">
    <div id="loginDiv">
        <form action="login.php" onsubmit="return checkEmpty()" method="post" name="loginForm">
            <table>
                <tr>
                    <td style="width:100px">Name: </td>
                    <td>
                    <input name="username" id="username" type="text" style="width:250px"></td>
                </tr>
                <tr>
                    <td style="width:100px">Password: </td>
                    <td>
                    <input name="userpass" id="userpass" type="password" style="width:250px"></td>
                </tr>
                <tr>
                    <td colspan="2" style="text-align:center"><input id="loginImg" type="image" src="images/loginButton.png"></td>
                </tr>
            </table>
        </form>
    </div>
</div>
<div id="lower">
    <br><br><br><br><br>
    <p style="text-align:center">COPYRIGHTS © 2013 &nbsp;&nbsp;•&nbsp;&nbsp; WWW.HISHAM.WS</p>
</div>


<script type="text/javascript">
function checkEmpty() {
    var username = document.getElementById("username").value;
    var userpass  = document.getElementById("userpass").value;

    if(username=="" || username==null) { alert("You've to enter your name!"); }
    else if(userpass=="" || userpass==null) { alert("You've to enter a password!"); }   
    else { return true; } 
    return false; 
}
</script>

</body>

</html>

Thanks in advance

The code you pasted doesn't have a header command in it. But the cause of this is always that something has been echoed or printed to the screen before the header command has been issued. Header commands should always come before any HTML or other text has been printed to the page. If display_errors is on, PHP error messages can also cause this error since they are shown on the page prior to the header command.. — Joshua Walcher, Dec 16 '13 at 23:27
I know and still have this error!! Warning: Cannot modify header information - headers already sent by (output started at C:\AppServ\www\Assignement\login.php:1) in C:\AppServ\www\Assignement\login.php on line 17 — Hisham Ramadan, Dec 16 '13 at 23:30
See [Headers already sent by PHP](http://stackoverflow.com/q/8028957) why `setcookie` doesn't work, and the `ob_start` workaround commonly fails. — mario, Dec 16 '13 at 23:31
@HishamRamadan that show you exactly where your output started. On line 1 of C:\AppServ\www\Assignement\login.php. Do you have space before opening PHP tag? — Mike Brant, Dec 16 '13 at 23:32
You're code is also vulnerable to SQL injection attacks. I think it's the 10th question I read today that has code with these issues :) — nice ass, Dec 16 '13 at 23:34

score 2 · Answer 1 · answered Dec 17 '13 at 00:35

So against my initial reaction to not help you, I decided to go ahead and build the database and table like you have. I created a new database named ita4 and added a table called users with four fields (userid, name, password, and admin). I added a user named josh with a password of josh and an admin setting of 't'. I then put your file into my local development environment and named it login.php. I then loaded up the page in my browser and entered josh for the username and josh for the password and it resulted in it displaying "Me:josh" at the top of the page and the login page still displaying below it. I get no errors.

If you aren't getting that far, then the error message may be because the database connection details are bad or your table doesn't have one of those fields. You do have a "or die(mysql_error()" after the database connect code.

score 1 · Answer 2 · answered Dec 16 '13 at 23:26

1

The header needs to be the first thing in the document. Your code should look something like

<?php header("header information"); ?>
<html>
 ... Your HTML HERE ...
</html>

More information can be found in the PHP documentation here.

answered Dec 16 '13 at 23:26

Jacobm001

4,431
4
30
51

please take a look at my code. – Hisham Ramadan Dec 16 '13 at 23:28
@HishamRamadan: You want the header to be that link? Insert it where I put "header information". – Jacobm001 Dec 16 '13 at 23:29
@HishamRamadan: Your code doesn't have the header command in it. Add what I posted to the very top of your document, that will set the header. – Jacobm001 Dec 16 '13 at 23:30
I don't need header!! I'm using cookies ... – Hisham Ramadan Dec 16 '13 at 23:32
@HishamRamadan: Don't get snippy. Articulate what the problem is. You said you couldn't modify the header; this is how you modify the header. Did you mean something else? – Jacobm001 Dec 16 '13 at 23:33
@Jacobm001 : "Cannot modify header information - headers already sent" is a notice/warning he is getting. – nl-x Dec 16 '13 at 23:34

score 1 · Answer 3 · edited May 23 '17 at 12:06

1

As far as i understand, you want to redirect the user to another page if a login occurs.

You could use javascript and/or meta redirections in order to do that.

This question might also help : How to redirect if user already logged in

edited May 23 '17 at 12:06

Community

1
1

answered Dec 16 '13 at 23:31

mehmetseckin

3,061
1
31
43

score 0 · Answer 4 · answered Dec 16 '13 at 23:31

0

You did not tell the line number that causes the notice. But I assume it is because you are doing setCookie().

You are already using ob_start() so that is good.

What I suggest is that you pay attention to that NO CHARACTERS should be at the start of the document, before the ob_start(). Look especially for any characters or even white spaces or enters (new lines), before you start <?php. Let <?php be the very first thing in your file.

answered Dec 16 '13 at 23:31

nl-x

11,762
7
33
61

I've checked it more than once, no whitespaces; thats why I attached the code. – Hisham Ramadan Dec 17 '13 at 00:02
@HishamRamadan have you also checked your HTML source to see if you don't have any other notices/warnings in it. (The notices/warnings themselves also count as output.) – nl-x Dec 17 '13 at 00:08

Cannot modify header information - headers already sent

4 Answers4