PHP headers already sent while redirecting page

Question

Possible Duplicate:
Headers already sent by PHP

Hello there when i go to the site it says

Warning: session_register() [function.session-register]: Cannot send session cache limiter - headers already sent (output started at /home/content/49/5712349/html/c/admin/admin.php:17) in /home/content/49/5712349/html/c/admin/admin.php on line 39

Warning: Cannot modify header information - headers already sent by (output started at /home/content/49/5712349/html/c/admin/admin.php:17) in /home/content/49/5712349/html/c/admin/admin.php on line 41

I saw other questions and none answered me.

Here is the code thanks a lot.

<?php 

if (isset($_SESSION['mattyc-admin'])){
    header ('Location: admin/home.php');
}

if (!isset($_GET['me'])){
    header ('Location: http://www.stat-me.com/mattyc');
}

if ($_GET['me'] != 'mattyc'){
    header ('Location: http://www.stat-me.com/mattyc');
}

?>

<?php

if ($_POST['name'] != "" && $_POST['password'] !="") {

//require "../../scripts/connect_to_mysql.php";

$name = $_POST['name'];
$pass = $_POST['password'];

$name = strip_tags($name);
$pass = strip_tags($pass);
//$name = mysql_real_escape_string($name);
//$pass = mysql_real_escape_string($pass);
$name = eregi_replace("`", "", $name);
$pass = eregi_replace("`", "", $pass);

//$pass = md5($pass);

if ($name == 'mattyc' && $pass == 'qwerty'){
    if (isset ($_SESSION['mattyc-admin'])){
        header ('Location: admin/upload.php');
    }else{
     session_register('mattyc-admin'); 
     $_SESSION['mattyc-admin'] = ('mattyc-adminp');
     header ('Location: admin/upload.php');
    }
}

}
?>

Just a marginal note: [`session_register`](http://php.net/session_register) is deprecated. — Gumbo, Oct 12 '10 at 16:12
It's also good to have `exit` after each `header('Location ...')` (I assume you don't want the rest of your code to be executed after `header`) — a1ex07, Oct 12 '10 at 16:15
The error message tells you everything: "output started at /home/content/49/5712349/html/c/admin/admin.php: **17** " means the output is generated in line **17** of your admin.php file — Mark Baker, Oct 12 '10 at 16:24

score 18 · Accepted Answer · answered Oct 12 '10 at 16:10

18

Between your two PHP tags you have whitespace.

?>

<?php

This'll cause your headers to be sent before starting any session and sending more headers.

I suggest just removing that bit of code.

answered Oct 12 '10 at 16:10

Mikee

2,403
2
18
16

Had the same thing, there was a space after my closing php tag (?> ) which was causing the error. – zac Sep 23 '14 at 11:02
how come a space would cause so much damage to a programming language? – Junior Mayhé Jun 10 '15 at 11:09

score 8 · Answer 2 · answered Oct 12 '10 at 16:11

8

the problem is between lines 16 and 18:

?>

<?php

this will write some whitespace (and send headers)

answered Oct 12 '10 at 16:11

nothrow

15,882
9
57
104

abel · Answer 3 · 2010-10-14T13:03:25.777

2

ob_clean();

Add the above before the offending code. Cleans the buffer or something.

If you would have googled for it http://www.google.co.in/search?q=Warning%3A+session_register%28%29+[function.session-register]%3A+Cannot+send+session+cache+limiter+-+headers+already+sent the first result has the solution which says

make sure you have added ob_start(); at the first line of webpage and ob_end_flush(); at the end of webpage //i have used ob_end_clean() or ob_clean() in a similar case

Update:

I was downvoted. So let me clarify.

In the code in question , the space between the php tags was seen clearly and so the solution was straightforward. However, if the question in issue was not that simple, perhaps it was a include file which was problematic. What if the code ran into reams and reams before generating a space or other output and you couldn't track it? What if?

If you enclose stuff you do not want output for between ob_start() and ob_end_clean(). The output is not sent. ob_clean() does something similar.

Update 2 As Col. Shrapnel said

Never gag an error

Soultion: Remove the offending space.

Update for @meagar

While the answer to this problem should be removal of the space, I am posting a solution for the problem using, ob_clean() just for the upvote(I hate downvotes! :))

<?php
ob_start(); //started buffering
?>
Hello World and other dangerous texts
<?php 
if (isset($_SESSION['mattyc-admin'])){
    header ('Location: admin/home.php');
}

if (!isset($_GET['me'])){
    header ('Location: http://www.stat-me.com/mattyc');
}

if ($_GET['me'] != 'mattyc'){
    header ('Location: http://www.stat-me.com/mattyc');
}

?>

<?php
if ($_POST['name'] != "" && $_POST['password'] !="") {

//require "../../scripts/connect_to_mysql.php";

$name = $_POST['name'];
$pass = $_POST['password'];

$name = strip_tags($name);
$pass = strip_tags($pass);
//$name = mysql_real_escape_string($name);
//$pass = mysql_real_escape_string($pass);
$name = eregi_replace("`", "", $name);
$pass = eregi_replace("`", "", $pass);

//$pass = md5($pass);
ob_clean(); //can use ob_end_clean() too
if ($name == 'mattyc' && $pass == 'qwerty'){
    if (isset ($_SESSION['mattyc-admin'])){
        header ('Location: admin/upload.php');
    }else{
     session_register('mattyc-admin'); 
     $_SESSION['mattyc-admin'] = ('mattyc-adminp');
     header ('Location: admin/upload.php');
    }
}

}
?>

With output buffering set to Off in my php.ini, I tested the above code. Just add ob_start to the start of the page. ob_clean() is only needed to end buffering. If you are sure that the page will show no output and only redirect then ob_clean is not needed too. (Otherwise use ob_clean() before the problematic code segment.) Thanks to @meagar for the code and inspiration.

edited Oct 14 '10 at 13:03

answered Oct 12 '10 at 17:02

abel

2,377
9
39
62

When you downvote please comment. Thats convention. – abel Oct 12 '10 at 17:34
1

output buffering is a tool with it's own purpose. do not use it as a crutch to cover bad design/simple mistake. Never gag an error. But always repair it. – Your Common Sense Oct 12 '10 at 17:50
@Col. Shrapnel Thank you. and I completely agree. But it has saved me on one ocassion when using TCPDF which does not tolerate any output before the pdf header are sent. – abel Oct 12 '10 at 18:00
I down-voted your answer because it is wrong. Adding `ob_clean` "before the offending code" won't fix the problem, that's now how output buffering works. It doesn't "clean the buffer or something". That kind of language confuses your answer and makes it look like you have no idea what you're talking about. – user229044 Oct 12 '10 at 18:13
1

@meagar See my rep and look at my profile(I am a PHP beginner). Actually I didnt know what it did exactly. I read up the manuals and I had used it before. Thats the reason I posted. – abel Oct 12 '10 at 18:20
+1. Output buffering will save you a lot of pain. Do your best to remove premature output, but output buffer anyway so that your application is less fragile when someone does inevitably introduce an issue. – Frank Farmer Oct 12 '10 at 18:20
@Frank First, that's terrible advice. You're saving yourself pain by encouraging sloppy, inefficient practices. Secondly, this answer is demonstratively wrong, regardless of your feelings about output buffering. It doesn't deserve an up-vote until it's at least correct. – user229044 Oct 12 '10 at 18:24
@abel If you don't know what something does, you probably shouldn't be suggesting it as an answer. You took a guess, and answered incorrectly, so I downvoted. I'm not trying to be mean, this is what downvoting is for. If you fix your answer so it's actually correct, I will remove my vote. – user229044 Oct 12 '10 at 18:28
@meagar very true. i should have tested the code before i put up an answer. I did that now and I find the code works(redirects) without an error even with the space in place. know why? Apache 2.2.11 , PHP 5.3.0 – abel Oct 13 '10 at 08:39
@abel The error only occurs if any of the `header` calls after `?> – user229044 Oct 13 '10 at 13:20
@meagar I added a Hello World to the top of the page. The page still redirected – abel Oct 13 '10 at 13:38
@abel You likely have output buffering enabled; checkout your `output_buffering` setting in php.ini, and try setting it to `output_buffering = Off;` – user229044 Oct 13 '10 at 13:59
@meagar just checked it is set to on. and it says default is off. any disadvantage leaving it on? – abel Oct 13 '10 at 14:53
@abel Only what we talked about in these comments: Leaving it on covers up logic errors that you would otherwise be aware of. While it's good that you don't have to worry about extraneous output before calls to `header()`, I would rather address those errors than suppress them. – user229044 Oct 13 '10 at 14:57
@meagar I have posted a working code sample. Should not be the preferred solution. – abel Oct 14 '10 at 13:05

PHP headers already sent while redirecting page

3 Answers3

Linked