-4

I have this error:

Warning: Cannot modify header information - headers already sent by (output started at D:\xamp\htdocs\talcioc\login.php:46) in D:\xamp\htdocs\talcioc\login.php on line 77

And that's the code (index.php):

    <?php
if(isset($_SESSION['IS_LOGEDIN']) == 'Y')
{
header("location:index.php");
exit();
}
?>
<form action="" method="post">
  <table width="524" border="0" style="-webkit-border-radius:9px;
    -moz-border-radius:9px;
    -ms-border-radius:9px;
    border-radius:9px; background-image:url(images/bgtable.png);" align="center">
    <tr>
      <td width="514"><center><img src="pics/admin2.png" width="128" height="128" /></center></td>
    </tr>
    <tr>
      <td><p>&nbsp;</p></td>
    </tr>
  </table>
  <p>&nbsp;</p>
  <table width="304" border="0" style="background-color:#000; -webkit-border-radius:9px;
    -moz-border-radius:9px;
    -ms-border-radius:9px;
    border-radius:9px;" align="center">
    <tr>
      <td width="78">Username:</td>
      <td width="210"><input type="text" name="myusername" /></td>
    </tr>
    <tr>
      <td>Password:</td>
      <td><input type="password" name="mypassword" /></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td><input type="submit" value="Login!" name="submit" /></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td><img src="images/key.png" alt="" width="16" height="16" border="0" align="bottom" />&nbsp;<a href="index.php?pagina=forgotpass">Ti-ai uitat parola?</a></td>
    </tr>
    <tr>
      <td>&nbsp;</td>
      <td>
      <?php 
if(isset($_POST['submit']))
{

if(!isset($_SESSION['IS_LOGEDIN']))
{
    $_SESSION['IS_LOGEDIN'] = 'N';
}
// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes(mysql_real_escape_string($myusername));
$mypassword = stripslashes(mysql_real_escape_string($mypassword));

$encrypted_mypassword=md5($mypassword);

$sql="SELECT * FROM administratori WHERE username='$myusername' and password='$encrypted_mypassword'";
$result=mysql_query($sql);


// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION['myusername'] = $myusername;
$_SESSION['IS_LOGEDIN'] = 'Y';
//$lastlogin = $_POST['date("d/m/y  H:i:s", time()+25200)'];
header("location:administrare.php");
}
else {
echo '<img src="images/delete.png" width="16" height="16" />' . '&nbsp;' .'User sau Password gresit!';
}
}
?>
</td>
    </tr>
  </table>
</form>
LolzyTM
  • 1
  • 1
  • 2

2 Answers2

0

When you says: header("location:administrare.php"); that is bad, because before header, there shouldn't be any output in the buffer.

Move your whole if(isset($_POST['submit'])) condition at the top of the file, after you check the is logged in condition.

vaso123
  • 12,347
  • 4
  • 34
  • 64
0

header function has to be called before any output.

The structure of your file has to be:

<?php

if(isset($_SESSION['IS_LOGEDIN']) == 'Y') {
    header("location:index.php");
    exit();
}

if (isset($_POST['submit'])) {
    // process form
}

?>

<form>
    ...
</form>
pavel
  • 26,538
  • 10
  • 45
  • 61