Cannot modify header information - headers already sent in php mailer

Question

i am coding token based user password verification, when user click reset button,then password verification link is send to user email account, when user click verification link in there email then,user get login with there username and password,everything is all right in my code my message also be send,but this error message also generated in my new window page. i am sending this email locally throw xampp server.

php:

  <?php 
session_start();
require_once("db.php");
//if user click submit button
if(isset($_POST['submit']))
{
     //escape special charater in string first
    $email = $conn->real_escape_string($_POST['email']);

    // query to check if email already exists or not
    $sql = "SELECT email FROM user WHERE email='$email'";
    $result = $conn->query($sql);
    if($result->num_rows > 0)
    {
        $newToken = rand(100000000, 999999999);
        //encrypt the token
        $token = base64_encode(strrev(md5($newToken)));
        //$token = $newToken;
        //new register token
         $sql1 = "UPDATE user SET token='$token',tokenExpire=DATE_ADD(NOW(),INTERVAL 1 HOUR) WHERE email='$email'";
        if($conn->query($sql1) === TRUE)
        {
            //send mail
            require '../phpmailer/PHPMailerAutoload.php';
            if(!filter_var($email,FILTER_VALIDATE_EMAIL))
            {
            //SHOW ERROR MESSAGE
            }
            else
            {

             $mail = new PHPMailer(true);                              // Passing `true` enables exceptions

             //Server settings
             $mail->SMTPDebug = 2;                                 // Enable verbose debug output
             $mail->isSMTP();                                      // Set mailer to use SMTP
             $mail->Host = 'smtp.Gmail.com';                       // Specify main and backup SMTP servers

             $mail->SMTPOptions = array(
                  'ssl'=>array(
                   'verify_peer'=>false,
                   'verify_peer_name'=>false,
                    'allow_self_signed'=>true   
)                  
);
             $mail->SMTPAuth = true;                               // Enable SMTP authentication
             $mail->Username = 'luckynath4@gmail.com';                 // SMTP username
             $mail->Password = 'secretpassword';                           // SMTP password
             $mail->SMTPSecure = 'tls';                            // Enable TLS encryption, `ssl` also accepted
             $mail->Port = 587;                                    // TCP port to connect to

             //Recipients
             $mail->setFrom("luckynath4@gmail.com","Hiring Top");
             $mail->addAddress($email,"User");                       // Add a recipient


             //Content
             $mail->isHTML(true);                                  // Set email format to HTML
             $mail->Subject = 'Hiring Top-Password Reset Message';
             $mail->Body    = '<!DOCTYPE html>
              <html>
              <head>
                <title>Password Reset</title>
              </head>
              <body>
               Hi,<h3>'.$_POST['email'].'</h3>
                <p>We recieved a password reset request</p>
               <p> In order to reset your password, please click on the link below,</p>
                <p>if you did not make this request,you can ignore this mail.</p>
               <a href="http://localhost/practise/job_portal_theme/verify1.php?token='.$token.'&email='.$email.'">verify your password</a>
               <p>Thanks.</p><br />
               <p>message from Hiring Top team.</p>

              </body>
              </html>';
              if( $mail->send())
              {
                $_SESSION['checkEmail'] = true;
                header("Location:forgot_password.php");
                exit();
              }
              else
              {
                echo 'Mailer error: ' . $mail->ErrorInfo;
              } 

            }

        }
        else
        {
            //If data failed to insert then show that error.  
            echo "Error:" .$sql.$conn->error;
        }




    }
    else
    {
        //if email not found in database
        $_SESSION['emailNotFoundError']=true;
        header("Location:forgot_password.php");
        exit();
    }   

 $conn->close();
}
else
{
//redirect them back to forgot-password.php page if they didn't click Forgot Password button    
header("Location:forgot_password.php");
exit();
}
?>

Answer 1

No output before sending headers

Functions that send/modify HTTP headers must be invoked before any output is made. Otherwise the call fails:

see detail here

OR

try this

use window.location instead of header

echo "<script>window.location.assign('forgot_password.php')</script>";

Answer 2

this was happening for me every time when using this line

header("Location:forgot_password.php");

try instead this:

echo '<script type="text/javascript">window.location = "domain.com/forgot_password.php"</script>';

Answer 3

Functions that send/modify HTTP headers must be invoked before any output is made. Otherwise the call fails:

Warning: Cannot modify header information - headers already sent (output started at file:line) Some functions modifying the HTTP header are:

header / header_remove session_start / session_regenerate_id setcookie / setrawcookie Output can be:

Unintentional: Whitespace before UTF-8 Byte Order Mark Previous error messages or notices Intentional: print, echo and other functions producing output (like var_dump) Raw areas before