-2

Recently I got a error while using a PHP script:

Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\jnexm\login.php:2) in C:\xampp\htdocs\jnexm\login.php on line 29

To solve this problem I am using ob_start() function at the start of the page.

If I am using this function, does it affect the security of my site?

lonesomeday
  • 233,373
  • 50
  • 316
  • 318
Rajesh kumawat
  • 170
  • 2
  • 11
  • 2
    This has nothing to do with security. – Barmar Dec 27 '13 at 03:25
  • See [here](http://stackoverflow.com/a/8028987/1851186) for a comprehensive answer regarding the "Cannot modify header information" warning and the use of output buffering as a workaround. – TachyonVortex Dec 27 '13 at 03:40
  • possible duplicate of [How to fix "Headers already sent" error in PHP](http://stackoverflow.com/questions/8028957/how-to-fix-headers-already-sent-error-in-php) – Rowland Shaw Jan 19 '14 at 08:50

2 Answers2

4

It's not a "solution", it's pretending that there is no issues.

In programming (and in everything in our life) it makes sense to fix the roots of the issue, not the consequences.

If you have leaked roof - fix the roof, not buy more buckets to collect water.

The same here: if you have some output before headers are to be sent - just don't do that and only start output when all headers are formed.

zerkms
  • 249,484
  • 69
  • 436
  • 539
4

Using the ob_XXX functions has no impact on the security of the script. It simply causes PHP to save the output into a buffer until you tell it to send it, rather than sending everything as soon as you echo it.

Barmar
  • 741,623
  • 53
  • 500
  • 612