Session start error but don´t know how to solve

Question

When I reload my website after uploading it on my webserver, following error is on my website:

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /data/userfiles/websites/lagersystem/login.php:1) in /data/userfiles/websites/lagersystem/login.php on line 36

I don´t know how to solve this.

This is my source code:

<html>
    <head>
        <title>Login</title>
            <meta name="viewport" content="width=device-width, initial-scale=1">
            <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
        <link rel="icon" type="favicon.gif" href="favicon.gif" sizes="256x256">
    </head>

<body>


<div class="p-3 mb-2 bg-secondary text-white">
<nav class="navbar navbar-expand-lg navbar-light bg-light">
  <a class="navbar-brand" href="index.php"><img src='favicon-64.gif'/></a>
  <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
    <span class="navbar-toggler-icon"></span>
  </button>

  <div class="collapse navbar-collapse" id="navbarSupportedContent">
    <ul class="navbar-nav mr-auto">
      <li class="nav-item active">
        <a class="nav-link" href="index.php">Home<span class="sr-only">(current)</span></a>
      </li>
      <li class="nav-item">
        <a class="nav-link" href="add.php">Hinzufügen</a>
      </li>
       <li class="nav-item">
        <a class="nav-link" href="login.php">Admin</a>
      </li>
    </ul>
     </div>
</nav>
</div>

<?php 
session_start();
$pdo = new PDO('mysql:host=localhost;dbname=', '', '');

if(isset($_GET['login'])) {
    $email = $_POST['email'];
    $passwort = $_POST['passwort'];

    $statement = $pdo->prepare("SELECT * FROM ls_users WHERE email = :email");
    $result = $statement->execute(array('email' => $email));
    $user = $statement->fetch();

    //Überprüfung des Passworts
    if ($user !== false && password_verify($passwort, $user['passwort'])) {
        $_SESSION['userid'] = $user['id'];
        die('<div class="text-center">Login erfolgreich. Weiter zu <a href="sicherheit.php">internen Bereich</a></div>');
    } else {
        $errorMessage = "E-Mail oder Passwort falsch!<br>";
    }

}
?>

<?php 
if(isset($errorMessage)) {
    echo $errorMessage;
}
?>

 <div class="row align-items-center justify-content-center">
    <div class="text-center">

<form action="?login=1" method="post">
E-Mail:<br>
<input class="form-control" type="email" size="40" maxlength="250" name="email"><br><br>

Dein Passwort:<br>
<input class="form-control" type="password" size="40"  maxlength="250" name="passwort"><br>

<input class="form-control" type="submit" value="Anmelden">

</form> 

<br />
<br />
</div>
</div>




<div class="p-3 mb-2 bg-secondary text-white">

<div class="row">
    <div class="col">

        <div class="text-center">

            <a href="index.php" class="btn btn-dark">Aktualisieren</a>

        </div>
    </div>
    <div class="col">

        <div class="text-center">

            <a href="fehler.php" class="btn btn-danger">Fehlermeldung</a>

        </div>
    </div>
</div>

</div>

<div class="p-3 mb-2 bg-secondary text-white">

<footer class="mainfooter" role="contentinfo">
 <div class="footer-top p-y-2">
    <div class="container-fluid">

    </div>
  </div>
  <div class="footer-middle">
  <div class="container">
 <div class="footer-bottom">
    <div class="container">
      <div class="row">
        <div class="col">
          <!--Footer Bottom-->
           <p class="text-center">&copy; 2018 - All rights reserved.</p>
        </div>
      </div>
    </div>
  </div>
</footer>
</div>

<script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>

</body>

</html>

Thank you.

Add `session_start();` above ``. `session_start();` should always be the first line on your page to avoid header errors. — hungrykoala, May 04 '18 at 06:41

score 0 · Accepted Answer · answered May 04 '18 at 06:42

You have to start the file with

<?php 
session_start();

The reason is that sessions work through cookies (if the client was never there, PHP sends a random number as a cookie. Then, whenever the client comes back, he sends that cookie and PHP can look up $_SESSION for that user).

The problem is that cookies have to be sent in the header, before any HTML goes through, so if you did something like:

<html> <?php session_start();?>

PHP would read your file, see that you wrote "", figure that there aren't any more headers needing to be written, and start with the rest. Then when it hits session_start, it can't go back anymore and gives you the error.

Like this:

<?php session_start();?>
<html>
    <head>
        <title>Login</title>
            <meta name="viewport" content="width=device-width, initial-scale=1">
            <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
        <link rel="icon" type="favicon.gif" href="favicon.gif" sizes="256x256">
    </head>

<body>


<div class="p-3 mb-2 bg-secondary text-white">
<nav class="navbar navbar-expand-lg navbar-light bg-light">
  <a class="navbar-brand" href="index.php"><img src='favicon-64.gif'/></a>
  <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
    <span class="navbar-toggler-icon"></span>
  </button>

  <div class="collapse navbar-collapse" id="navbarSupportedContent">
    <ul class="navbar-nav mr-auto">
      <li class="nav-item active">
        <a class="nav-link" href="index.php">Home<span class="sr-only">(current)</span></a>
      </li>
      <li class="nav-item">
        <a class="nav-link" href="add.php">Hinzufügen</a>
      </li>
       <li class="nav-item">
        <a class="nav-link" href="login.php">Admin</a>
      </li>
    </ul>
     </div>
</nav>
</div>

<?php 

$pdo = new PDO('mysql:host=localhost;dbname=', '', '');

if(isset($_GET['login'])) {
    $email = $_POST['email'];
    $passwort = $_POST['passwort'];

    $statement = $pdo->prepare("SELECT * FROM ls_users WHERE email = :email");
    $result = $statement->execute(array('email' => $email));
    $user = $statement->fetch();

    //Überprüfung des Passworts
    if ($user !== false && password_verify($passwort, $user['passwort'])) {
        $_SESSION['userid'] = $user['id'];
        die('<div class="text-center">Login erfolgreich. Weiter zu <a href="sicherheit.php">internen Bereich</a></div>');
    } else {
        $errorMessage = "E-Mail oder Passwort falsch!<br>";
    }

}
?>

<?php 
if(isset($errorMessage)) {
    echo $errorMessage;
}
?>

 <div class="row align-items-center justify-content-center">
    <div class="text-center">

<form action="?login=1" method="post">
E-Mail:<br>
<input class="form-control" type="email" size="40" maxlength="250" name="email"><br><br>

Dein Passwort:<br>
<input class="form-control" type="password" size="40"  maxlength="250" name="passwort"><br>

<input class="form-control" type="submit" value="Anmelden">

</form> 

<br />
<br />
</div>
</div>




<div class="p-3 mb-2 bg-secondary text-white">

<div class="row">
    <div class="col">

        <div class="text-center">

            <a href="index.php" class="btn btn-dark">Aktualisieren</a>

        </div>
    </div>
    <div class="col">

        <div class="text-center">

            <a href="fehler.php" class="btn btn-danger">Fehlermeldung</a>

        </div>
    </div>
</div>

</div>

<div class="p-3 mb-2 bg-secondary text-white">

<footer class="mainfooter" role="contentinfo">
 <div class="footer-top p-y-2">
    <div class="container-fluid">

    </div>
  </div>
  <div class="footer-middle">
  <div class="container">
 <div class="footer-bottom">
    <div class="container">
      <div class="row">
        <div class="col">
          <!--Footer Bottom-->
           <p class="text-center">&copy; 2018 - All rights reserved.</p>
        </div>
      </div>
    </div>
  </div>
</footer>
</div>

<script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>

</body>

</html>

Session start error but don´t know how to solve

1 Answers1