How to deal with "Cannot modify header information" in PHP?

Question

I get "Cannot modify header information" error with this code.

This is my login.php:

<?php include("connection.php"); ?>
<?php

if(isset($_SESSION["session_username"])){
header("Location: intropage.php");
}

if(isset($_POST["login"])){

sometimes i get "please enter login and password" all the time.

if(!empty($_POST['username']) && !empty($_POST['password'])) {
$username=$_POST['username'];
$password=$_POST['password'];
$query =mysql_query("SELECT * FROM users WHERE password='".$password."'");
$numrows=mysql_num_rows($query);
if($numrows!=0) {
    while($row = mysql_fetch_assoc($query)) {
        $dbusername = $row["username"];
        $dbpassword = $row["password"];
    }
if($username == $dbusername && $password == $dbpassword) {
    $_SESSION["session_username"] = $username;
    header("Location: intropage.php");
}else{
    echo "Incorrect login or password";
}
}else{
    echo "Please enter login and password";
}
}
}
?>
<?php include("header.php"); ?>

As an aside, do _not_ use this code in production. It has serious security errors that will permit anyone to log in as anyone else. In particular, it has SQL injection vulnerabilities. It also stores passwords in plain text, which will compound your users' security problems in the likely event you get hacked. — halfer, Jan 09 '15 at 12:59

score -1 · Answer 1 · answered Jan 09 '15 at 12:56

-1

You are sending new empty line to user browser in that part of your code so you can't send headers after that.

<?php include("connection.php"); ?>
<?php

answered Jan 09 '15 at 12:56

Elon Than

9,603
4
27
37

Can you add into this what the fix would be? – halfer Jan 09 '15 at 12:56
Assuming connection.php doesn't output anything to the display, remove the closing `?>` after it as well as the opening ` – komodosp Jan 09 '15 at 13:00

How to deal with "Cannot modify header information" in PHP?

1 Answers1